CVE-2012-2290

Published: Oct 18, 2012Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

The client in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375 allows remote attackers to execute arbitrary code by sending a crafted message over a TCP communication channel.

Affected (3)

Products: Emc: Networker Module For Microsoft Applications

1 product

Networker Module For Microsoft Applications

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Emc Networker Module For Microsoft Applications	Version 2.2.1
Emc Networker Module For Microsoft Applications	Version 2.3
Emc Networker Module For Microsoft Applications	Version 2.4

Related CWEs

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (10)

http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html

Source: security_alert@emc.com

http://osvdb.org/86158

Source: security_alert@emc.com

http://secunia.com/advisories/50957

Source: security_alert@emc.com

http://www.securityfocus.com/bid/55883

Source: security_alert@emc.com

http://www.securitytracker.com/id?1027647

Source: security_alert@emc.com

http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/86158

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/50957

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/55883

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1027647

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.