| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
101 |
CVE-2012-4969 |
|
|
Exec Code |
2012-09-18 |
2017-11-21 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012. |
|
102 |
CVE-2012-4959 |
22 |
|
Dir. Trav. |
2012-11-18 |
2012-11-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record. |
|
103 |
CVE-2012-4956 |
119 |
|
Exec Code Overflow |
2012-11-18 |
2013-05-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record. |
|
104 |
CVE-2012-4953 |
119 |
|
DoS Exec Code Overflow |
2012-11-14 |
2013-03-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file. |
|
105 |
CVE-2012-4944 |
|
|
Exec Code |
2012-11-18 |
2013-06-26 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified page. |
|
106 |
CVE-2012-4924 |
119 |
1
|
Exec Code Overflow |
2012-09-15 |
2017-08-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX component 1.0.0.1 for ASUS Net4Switch 1.0.0020 allows remote attackers to execute arbitrary code via a long parameter to the Alert method. |
|
107 |
CVE-2012-4907 |
264 |
|
|
2012-09-13 |
2012-09-14 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page. |
|
108 |
CVE-2012-4896 |
119 |
|
Exec Code Overflow |
2012-10-05 |
2020-03-11 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4895. |
|
109 |
CVE-2012-4895 |
119 |
|
Exec Code Overflow |
2012-10-05 |
2020-03-11 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4896. |
|
110 |
CVE-2012-4894 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-10-05 |
2017-08-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Google SketchUp before 8.0.14346 (aka 8 Maintenance 3) allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SKP file. |
|
111 |
CVE-2012-4879 |
255 |
|
|
2012-09-07 |
2013-10-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices has a default password of wago for the (1) root and (2) admin accounts, (3) a default password of user for the user account, and (4) a default password of guest for the guest account, which makes it easier for remote attackers to obtain login access via a TELNET session, a different vulnerability than CVE-2012-3013. |
|
112 |
CVE-2012-4876 |
119 |
1
|
Exec Code Overflow |
2012-09-06 |
2012-09-07 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method. |
|
113 |
CVE-2012-4875 |
119 |
|
Exec Code Overflow |
2012-09-06 |
2017-08-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
** DISPUTED ** Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the issue and disputed it. |
|
114 |
CVE-2012-4874 |
|
|
|
2012-09-06 |
2012-09-07 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in the Another WordPress Classifieds Plugin before 2.0 for WordPress has unknown impact and attack vectors related to "image uploads." |
|
115 |
CVE-2012-4865 |
119 |
2
|
Exec Code Overflow |
2012-09-06 |
2012-09-13 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in Oreans Themida 2.1.8.0 allows remote attackers to execute arbitrary code via a crafted .TMD file. |
|
116 |
CVE-2012-4864 |
94 |
2
|
DoS Exec Code Mem. Corr. |
2012-09-06 |
2017-08-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Oreans WinLicense 2.1.8.0 allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted xml file. |
|
117 |
CVE-2012-4857 |
119 |
|
Exec Code Overflow |
2012-12-08 |
2017-08-29 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 before 11.70.xC7 allows remote authenticated users to execute arbitrary code via a crafted SQL statement. |
|
118 |
CVE-2012-4792 |
399 |
|
Exec Code |
2012-12-30 |
2020-09-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012. |
|
119 |
CVE-2012-4787 |
399 |
|
Exec Code |
2012-12-12 |
2020-09-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref Counting Use After Free Vulnerability." |
|
120 |
CVE-2012-4786 |
94 |
|
Exec Code |
2012-12-12 |
2018-10-12 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability." |
|
121 |
CVE-2012-4782 |
399 |
|
Exec Code |
2012-12-12 |
2020-09-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerability." |
|
122 |
CVE-2012-4781 |
94 |
|
Exec Code |
2012-12-12 |
2018-10-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "InjectHTMLStream Use After Free Vulnerability." |
|
123 |
CVE-2012-4777 |
264 |
|
Exec Code |
2012-11-14 |
2020-09-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "WPF Reflection Optimization Vulnerability." |
|
124 |
CVE-2012-4776 |
20 |
|
Exec Code |
2012-11-14 |
2020-09-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy settings, which allows remote attackers to execute arbitrary JavaScript code by providing crafted data during execution of (1) an XAML browser application (aka XBAP) or (2) a .NET Framework application, aka "Web Proxy Auto-Discovery Vulnerability." |
|
125 |
CVE-2012-4775 |
399 |
|
Exec Code |
2012-11-14 |
2020-09-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability." |
|
126 |
CVE-2012-4774 |
94 |
|
Exec Code |
2012-12-12 |
2020-09-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted (1) file name or (2) subfolder name that triggers use of unallocated memory as the destination of a copy operation, aka "Windows Filename Parsing Vulnerability." |
|
127 |
CVE-2012-4681 |
|
|
Exec Code Bypass |
2012-08-28 |
2022-05-13 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class. |
|
128 |
CVE-2012-4661 |
119 |
|
Exec Code Overflow |
2012-10-29 |
2017-08-29 |
9.0 |
None |
Remote |
Medium |
Not required |
Complete |
Partial |
Complete |
|
Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.34), 8.4 before 8.4(4.4), 8.5 before 8.5(1.13), and 8.6 before 8.6(1.3) and the Firewall Services Module (FWSM) 4.1 before 4.1(9) in Cisco Catalyst 6500 series switches and 7600 series routers might allow remote attackers to execute arbitrary code via a crafted DCERPC packet, aka Bug IDs CSCtr21359 and CSCtr27522. |
|
129 |
CVE-2012-4655 |
20 |
|
Exec Code |
2012-09-24 |
2017-08-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The WebLaunch feature in Cisco Secure Desktop before 3.6.6020 does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug IDs CSCtz76128 and CSCtz78204. |
|
130 |
CVE-2012-4614 |
287 |
|
|
2012-11-27 |
2013-08-17 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network session. |
|
131 |
CVE-2012-4599 |
287 |
|
Exec Code |
2012-08-22 |
2017-01-20 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
McAfee SmartFilter Administration, and SmartFilter Administration Bess Edition, before 4.2.1.01 does not require authentication for access to the JBoss Remote Method Invocation (RMI) interface, which allows remote attackers to execute arbitrary code via a crafted .war file. |
|
132 |
CVE-2012-4598 |
|
|
DoS Exec Code |
2012-08-22 |
2012-08-22 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via a crafted web site. |
|
133 |
CVE-2012-4577 |
255 |
|
|
2012-08-21 |
2017-08-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session. |
|
134 |
CVE-2012-4505 |
119 |
|
Overflow |
2012-11-11 |
2018-08-13 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504. |
|
135 |
CVE-2012-4504 |
119 |
|
Overflow |
2012-11-11 |
2018-08-13 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file. |
|
136 |
CVE-2012-4501 |
264 |
|
|
2012-10-26 |
2012-10-26 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs. |
|
137 |
CVE-2012-4363 |
|
|
DoS Exec Code |
2012-08-21 |
2017-08-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, related to "sixteen more crashes affecting Windows, OS X, or both systems." |
|
138 |
CVE-2012-4359 |
20 |
|
DoS |
2012-08-19 |
2012-08-20 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the opcode. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4358. |
|
139 |
CVE-2012-4358 |
20 |
|
DoS |
2012-08-19 |
2012-08-20 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer after the opcode. |
|
140 |
CVE-2012-4357 |
20 |
|
Exec Code |
2012-08-19 |
2012-08-20 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block. |
|
141 |
CVE-2012-4355 |
189 |
|
Exec Code Overflow |
2012-08-19 |
2012-08-20 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354. |
|
142 |
CVE-2012-4354 |
189 |
|
Exec Code Overflow |
2012-08-19 |
2012-08-20 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. |
|
143 |
CVE-2012-4353 |
119 |
|
Exec Code Overflow |
2012-08-19 |
2012-08-20 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information. |
|
144 |
CVE-2012-4341 |
119 |
|
DoS Exec Code Overflow |
2012-08-15 |
2018-08-13 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900. |
|
145 |
CVE-2012-4337 |
|
|
Exec Code |
2012-08-23 |
2012-08-24 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references. |
|
146 |
CVE-2012-4334 |
|
1
|
Exec Code |
2012-08-14 |
2017-08-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) STWConfig 1.1.14.13 ActiveX controls in Samsung NET-i viewer 1.37.120316 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information. |
|
147 |
CVE-2012-4333 |
119 |
1
|
Exec Code Overflow |
2012-08-14 |
2017-08-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple stack-based buffer overflows in the BackupToAvi method in the (1) UMS_Ctrl 1.5.1.1 and (2) UMS_Ctrl_STW 2.0.1.0 ActiveX controls in Samsung NET-i viewer 1.37.120316 allow remote attackers to execute arbitrary code via a long string in the fname parameter. NOTE: some of these details are obtained from third party information. |
|
148 |
CVE-2012-4331 |
|
|
XSS |
2012-08-14 |
2012-08-15 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 have unknown impact and attack vectors that are not related to cross-site scripting (XSS), different vulnerabilities than CVE-2012-2151. |
|
149 |
CVE-2012-4328 |
|
|
|
2012-08-14 |
2017-08-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in the MAPI in vBulletin Suite 4.1.2 through 4.1.12, Forum 4.1.2 through 4.1.12, and the MAPI plugin 1.4.3 for vBulletin 3.x has unknown impact and attack vectors. |
|
150 |
CVE-2012-4274 |
|
|
Exec Code |
2012-08-13 |
2012-08-14 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Hitachi Cobol GUI Option 06-00, 06-01 through 06-01-/A, 07-00, 07-01 before 07-01-/B, and 08-00 before 08-00-/B and Cobol GUI Option Server 07-00, 07-01 before 07-01-/B, and 08-00 before 08-00-/B allows remote attackers to execute arbitrary code via unknown attack vectors. |
