CVE-2012-2421
N/A
N/A
Summary
Absolute path traversal vulnerability in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, might allow remote attackers to read arbitrary files in ZIP archives via a full pathname in the URI.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75172
- http://www.securityfocus.com/archive/1/522139
- http://www.kb.cert.org/vuls/id/232979
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75172
- http://www.securityfocus.com/archive/1/522139
- http://www.kb.cert.org/vuls/id/232979
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.