CVE-2012-2422

UNRATEDInfo disclosure

Description

Intuit QuickBooks 2009 through 2012 might allow remote attackers to obtain pathname information via the qbwc://docontrol/GetCompanyFile functionality.

Affected products

intuit / quickbooks2009 – 2009
intuit / quickbooks2010 – 2010
intuit / quickbooks2011 – 2011
intuit / quickbooks2012 – 2012

References

MISChttp://www.securityfocus.com/archive/1/522139
MISChttp://www.kb.cert.org/vuls/id/232979
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/75173

Updated 43m ago · 2 sources