CVE-2012-4177

Sažetak

The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote attackers to execute arbitrary programs via the -orbit_exe_path command line argument.

Reference

http://forums.ubi.com/showthread.php/699940-Uplay-PC-Patch-2-0-4-Security-fix
http://osvdb.org/84402
http://seclists.org/fulldisclosure/2012/Jul/375
http://www.bbc.com/news/technology-19053453
http://www.exploit-db.com/exploits/20321

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

02-04-2013 - 03:19

Objavljeno

07-08-2012 - 20:55