CVE-2012-3258
published 2012-09-19CVE-2012-3258: Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.
PriorityP355critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
9.92%
95.0th percentile
Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | operations_orchestration | — | — |
| msrc | windows_10_for_32-bit_systems | — | — |
| msrc | windows_10_for_x64-based_systems | — | — |
| msrc | windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | windows_8.1_for_32-bit_systems | — | — |
| msrc | windows_8.1_for_x64-based_systems | — | — |
| msrc | windows_rt_8.1 | — | — |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_msrc6.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5q6p-qrmq-r3hp: Unspecified vulnerability in HP Operations Orchestration 9
ghsa_unreviewed·2022-05-17
CVE-2012-3258 [HIGH] GHSA-5q6p-qrmq-r3hp: Unspecified vulnerability in HP Operations Orchestration 9
Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.
Microsoft
Windows File System Security Feature Bypass Vulnerability
vendor_msrc·2016-07-12·CVSS 6.3
CVE-2016-3258 [MEDIUM] Windows File System Security Feature Bypass Vulnerability
Windows File System Security Feature Bypass Vulnerability
Description: A security feature bypass vulnerability exists in the Windows kernel that could allow an attacker to exploit time of check time of use (TOCTOU) issues in file path-based checks from a low-integrity application. An attacker who successfully exploited this vulnerability could potentially modify files outside of a low-integrity level application.
To exploit the vulnerability, an attacker would need to take advantage of another vulnerability to compromise the sandbox process from a low-integrity application.
The security update addresses the vulnerability by adding a validation check on how a low-integrity application can use certain object manager features.
FAQ: I am running Windows Server 2012. Do I need to install the
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/55594https://exchange.xforce.ibmcloud.com/vulnerabilities/78621https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339http://www.securityfocus.com/bid/55594https://exchange.xforce.ibmcloud.com/vulnerabilities/78621https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339
2012-09-19
Published