What is CVE-2012-6275?

CVE-2012-6275 is a vulnerability in Bigantsoft Bigant_im_message_server, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2013-02-24.

Is CVE-2012-6275 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Bigantsoft Bigant_im_message_server

CVE-2012-6275

Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via (1) the filename header in an SCH request or (2) the userid component in a DUPF request.

Vulnerability class: Buffer Overflow

EPSS: 0.765 (99.0th percentile) — read the EPSS interpretation.

Affected products

Bigantsoft Bigant_im_message_server
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

VU#990652 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)

Frequently asked questions

What is CVE-2012-6275?: CVE-2012-6275 is a vulnerability in Bigantsoft Bigant_im_message_server, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2013-02-24.
Is CVE-2012-6275 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.