CyberSec.Space Logo
Back to CVE Browser

CVE-2012-0985

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0570%
EPSS Percentile12.44th
PublishedJun 7, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method.

Affected Platforms (CPE)

πŸ“¦
Sony

Smartwi Connection Utillity

= 4.7
πŸ“¦
Sony

Smartwi Connection Utillity

= 4.7.4
πŸ“¦
Sony

Smartwi Connection Utillity

= 4.8
πŸ“¦
Sony

Smartwi Connection Utillity

= 4.9
πŸ“¦
Sony

Smartwi Connection Utillity

= 4.10
πŸ“¦
Sony

Smartwi Connection Utillity

= 4.11
πŸ“¦
Sony

Vaio Easy Connect

= 1.0.0
πŸ“¦
Sony

Vaio Easy Connect

= 1.1.0
πŸ“¦
Sony

Vaio Pc Wireless Lan Wizard

= 1.0
πŸ“¦
Sony

Vaio Wireless Wizard

= 1.00
πŸ“¦
Sony

Vaio Wireless Wizard

= 1.00_64
πŸ“¦
Sony

Vaio Wireless Wizard

= 1.01
πŸ“¦
Sony

Vaio Wireless Wizard

= 2.0
πŸ“¦
Sony

Vaio Wireless Wizard

= 3.0

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2012-05/0147.html
πŸ”— http://esupport.sony.com/US/perl/support-info.pl?template_id=1&info_id=946
πŸ”— http://osvdb.org/82401
πŸ”— http://secunia.com/advisories/49340
πŸ”— http://www.exploit-db.com/exploits/18958
πŸ”— http://www.securityfocus.com/bid/53735
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/75978
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2012-05/0147.html

Related Vulnerabilities

CVE-2012-140910.0

Unspecified vulnerability in the Tiny Password (com.tinycouch.android.freepassword) application 1.64 for Android has unknown impac...

CVE-2012-012110.0

Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows re...

CVE-2012-112610.0

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a deni...

CVE-2012-147410.0

Unspecified vulnerability in the Youni SMS (com.snda.youni) application 2.1.0c and 2.1.0d for Android has unknown impact and attac...