Описание
Memory leak in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote attackers to cause a denial of service (memory consumption) via a URI with multiple references to the same name-value pair.
Ссылки
- US Government Resource
- Exploit
- US Government Resource
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:intuit:quickbooks:2009:*:*:*:*:*:*:*
cpe:2.3:a:intuit:quickbooks:2010:*:*:*:*:*:*:*
cpe:2.3:a:intuit:quickbooks:2011:*:*:*:*:*:*:*
cpe:2.3:a:intuit:quickbooks:2012:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00116
Низкий
1.8 Low
CVSS2
Дефекты
CWE-399
Связанные уязвимости
github
больше 3 лет назад
Memory leak in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote attackers to cause a denial of service (memory consumption) via a URI with multiple references to the same name-value pair.
EPSS
Процентиль: 31%
0.00116
Низкий
1.8 Low
CVSS2
Дефекты
CWE-399