cbcvebase.
CVE-2012-0985
published 2012-06-07

CVE-2012-0985: Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00…

PriorityP354critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
12.98%
95.8th percentile
Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method.

Affected

14 ranges
VendorProductVersion rangeFixed in
sonysmartwi_connection_utillity
sonysmartwi_connection_utillity
sonysmartwi_connection_utillity
sonysmartwi_connection_utillity
sonysmartwi_connection_utillity
sonysmartwi_connection_utillity
sonyvaio_easy_connect
sonyvaio_easy_connect
sonyvaio_pc_wireless_lan_wizard
sonyvaio_wireless_wizard
sonyvaio_wireless_wizard
sonyvaio_wireless_wizard
sonyvaio_wireless_wizard
sonyvaio_wireless_wizard
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.