CVE-2012-6277

HIGH EPSS 94.0%
Published Feb 21, 20206y ago · Modified Jun 16, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Feb 21, 2020 6y ago
Last Modified Jun 16, 2026 2w ago

Description

Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code."

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
94.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Affected Products 10

VendorProductVersionRange
ibmdomino*≥8.5.0  –  ≤8.5.3.6
ibmnotes*≥8.5  –  ≤8.5.3
symantecdata_loss_prevention_endpoint*≥11.0  –  <11.6.1
symantecdata_loss_prevention_enforce\/detection_servers*≥11.0  –  <11.6.1
symantecdata_loss_prevention_enforce\/detection_servers*≥11.0  –  <11.6.1
symantecmail_security* ≤6.5.7
symantecmail_security* ≤8.1.0
symantecmail_security6.5.7any
symantecmessaging_gateway*≥9.5  –  <10.0.1
hpautonomy_keyview_idol* <10.16

References 8

  • support.symantec.com https://support.symantec.com/us/en/article.symsa1262.html
    Vendor Advisory
  • tools.cisco.com https://tools.cisco.com/security/center/viewAlert.x?alertId=27482
    Third Party Advisory
  • vulmon.com https://vulmon.com/vulnerabilitydetails?qid=CVE-2012-6277
    Third Party Advisory
  • energy.gov https://www.energy.gov/cio/articles/v-118-ibm-lotus-domino-multiple-vulnerabilities
    Third Party AdvisoryUS Government Resource
  • ibm.com https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-addressed-in-ibm-notes-9-0-cve-2011-3026-cve-2012-6349-cve-2012-6277/
    Vendor Advisory
  • kb.cert.org https://www.kb.cert.org/vuls/id/849841/
    Third Party AdvisoryUS Government Resource
  • securityfocus.com https://www.securityfocus.com/bid/56610
    Third Party AdvisoryVDB Entry
  • tenable.com https://www.tenable.com/plugins/nessus/67192
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.