CVE-2012-4786
published 2012-12-12CVE-2012-4786: The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7…
PriorityP262critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
24.21%
97.6th percentile
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_7 | — | — |
| microsoft | windows_server_2008 | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p283-83gq-48jq: The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Wind
ghsa_unreviewed·2022-05-14
CVE-2012-4786 [HIGH] CWE-94 GHSA-p283-83gq-48jq: The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Wind
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability."
Cisco
Cisco IOS Software Smart Install Denial of Service Vulnerability
vendor_cisco·2012-03-28·CVSS 7.8
CVE-2012-0385 [HIGH] Cisco IOS Software Smart Install Denial of Service Vulnerability
Cisco IOS Software Smart Install Denial of Service Vulnerability
Cisco IOS Software contains a vulnerability in the Smart Install feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if the Smart Install feature is enabled. The vulnerability is triggered when an affected device processes a malformed Smart Install message on TCP port 4786.
Cisco has released software updates that address this vulnerability. A workaround may be available in some versions of Cisco IOS Software if the Smart Install feature is not needed.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-smartinstall
Note: The March 28, 2012, Cisco IOS Software Security Advisory bundl
Cisco
Cisco IOS Software Smart Install Denial of Service Vulnerability
vendor_cisco
CVE-2012-0385 Cisco IOS Software Smart Install Denial of Service Vulnerability
CVE-2012-0385: Cisco IOS Software Smart Install Denial of Service Vulnerability
Cisco IOS Software contains a vulnerability in the Smart Install feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if the Smart Install feature is enabled. The vulnerability is triggered when an affected device processes a malformed Smart Install message on TCP port 4786. Cisco has released software updates that address this vulnerability. A workaround may be available in some versions of Cisco IOS Software if the Smart Install feature is not needed. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-smartinstall Note: The March 28, 2012, Cisco IOS Software Security A
Suricata
ET ACTIVEX HP Easy Printer Care Software XMLCacheMgr ActiveX Control Remote Code Execution Attempt
suricata·2012-01-18
CVE-2011-4786 ET ACTIVEX HP Easy Printer Care Software XMLCacheMgr ActiveX Control Remote Code Execution Attempt
ET ACTIVEX HP Easy Printer Care Software XMLCacheMgr ActiveX Control Remote Code Execution Attempt
Rule: alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX HP Easy Printer Care Software XMLCacheMgr ActiveX Control Remote Code Execution Attempt"; flow:established,to_client; content:"ActiveXObject"; nocase; content:"HPESPRIT.XMLCacheMgr.1"; nocase; distance:0; content:"CacheDocumentXMLWithId"; nocase; distance:0; reference:bid,51396; reference:cve,2011-4786; classtype:attempted-user; sid:2014132; rev:2; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2012_01_18, cve CVE_2011_4786, deployment Perimeter, confidence Medium, signature_severity Major, tag ActiveX, updated_at 2019_07_26, mitre_tactic_id TA0001, mitre
No public exploits indexed.
No writeups or analysis indexed.
http://www.us-cert.gov/cas/techalerts/TA12-346A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-078https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15845http://www.us-cert.gov/cas/techalerts/TA12-346A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-078https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15845
2012-12-12
Published