cvelistv5 - CVE-2012-0202

CVE-2012-0202 (GCVE-0-2012-0202)

Vulnerability from cvelistv5

Published

2012-05-04 16:00

Modified

2024-08-06 18:16

Severity ?

CWE

Summary

Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data.

References

URL

Tags

psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21590314	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg24032164	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg24032165	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg24032166
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/73182
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21590314	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg24032164	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg24032165	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg24032166
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/73182

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:16:20.136Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cognos-tm1admsd-bo(73182)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73182"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-04-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "cognos-tm1admsd-bo(73182)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73182"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-0202",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "cognos-tm1admsd-bo(73182)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73182"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-0202",
    "datePublished": "2012-05-04T16:00:00",
    "dateReserved": "2011-12-14T00:00:00",
    "dateUpdated": "2024-08-06T18:16:20.136Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-0202\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2012-05-04T16:55:01.137\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples desbordamientos de b\u00fafer basados ??en la pila en tm1admsd.exe en Admin Server en IBM Cognos TM1 v9.4.x y v9.5.x antes de v9.5.2 FP2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de demonio) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos modificados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:cognos_tm1:9.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CDFEB23-5AD7-45D8-A7A0-7CB58715FE42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:cognos_tm1:9.4.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24623B22-951C-4BDD-91C1-F61D3E5BB41E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:cognos_tm1:9.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADA74CE5-93B9-4427-8073-3B6AF7490D62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:cognos_tm1:9.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD0FF461-96DE-4C30-89F3-82064DF8CAAB\"}]}]}],\"references\":[{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21590314\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg24032164\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg24032165\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg24032166\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/73182\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21590314\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg24032164\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg24032165\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg24032166\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/73182\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ghsa-fq48-3wjh-9wgm

Vulnerability from github

Published

2022-05-04 00:28

Modified

2022-05-04 00:28

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-0202"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-05-04T16:55:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data.",
  "id": "GHSA-fq48-3wjh-9wgm",
  "modified": "2022-05-04T00:28:42Z",
  "published": "2022-05-04T00:28:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0202"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73182"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2012-0202

Vulnerability from fkie_nvd

Published

2012-05-04 16:55

Modified

2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21590314	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg24032164	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg24032165	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg24032166
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/73182
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21590314	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg24032164	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg24032165	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg24032166
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/73182

Impacted products

Vendor	Product	Version
ibm	cognos_tm1	9.4.1
ibm	cognos_tm1	9.4.1.3
ibm	cognos_tm1	9.5.1
ibm	cognos_tm1	9.5.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:cognos_tm1:9.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CDFEB23-5AD7-45D8-A7A0-7CB58715FE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:cognos_tm1:9.4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24623B22-951C-4BDD-91C1-F61D3E5BB41E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:cognos_tm1:9.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADA74CE5-93B9-4427-8073-3B6AF7490D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:cognos_tm1:9.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0FF461-96DE-4C30-89F3-82064DF8CAAB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basados ??en la pila en tm1admsd.exe en Admin Server en IBM Cognos TM1 v9.4.x y v9.5.x antes de v9.5.2 FP2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de demonio) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos modificados."
    }
  ],
  "id": "CVE-2012-0202",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-05-04T16:55:01.137",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73182"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73182"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2012-AVI-282

Vulnerability from certfr_avis

Une vulnérabilité a été corrigée dans IBM Cognos Express. Un attaquant distant peut envoyer des données spécialement conçues au serveur IBM Cognos Analytic Server (ICAS) et provoquer un débordement de mémoire tampon. Il peut ainsi exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	IBM	N/A	IBM Cognos Express v9.5.
	IBM	N/A	IBM Cognos Express v9.0 ;

References

Title

Publication Time

gsd-2012-0202

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2012-0202

Aliases

CVE-2012-0202

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-0202",
    "description": "Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data.",
    "id": "GSD-2012-0202",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2012-0202"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-0202"
      ],
      "details": "Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data.",
      "id": "GSD-2012-0202",
      "modified": "2023-12-13T01:20:14.259961Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@us.ibm.com",
        "ID": "CVE-2012-0202",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "cognos-tm1admsd-bo(73182)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73182"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ibm:cognos_tm1:9.4.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:cognos_tm1:9.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:cognos_tm1:9.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:cognos_tm1:9.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-0202"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166"
            },
            {
              "name": "cognos-tm1admsd-bo(73182)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73182"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-29T01:30Z",
      "publishedDate": "2012-05-04T16:55Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2012-0202 (GCVE-0-2012-0202)

Vulnerability from cvelistv5

ghsa-fq48-3wjh-9wgm

Vulnerability from github

fkie_cve-2012-0202

Vulnerability from fkie_nvd

CERTA-2012-AVI-282

Vulnerability from certfr_avis

Solution

gsd-2012-0202

Vulnerability from gsd

Tags

Sightings

Nomenclature