CVE-2012-10058

RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitrary code execution under the context of the web server process.

CVSS

No CVSS.

References

Link	Resource
http://aluigi.altervista.org/adv/r4_1-adv.txt
https://advisories.checkpoint.com/defense/advisories/public/2013/cpai-07-jan405.html
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/rabidhamster_r4_log.rb
https://www.exploit-db.com/exploits/18929
https://www.rabidhamster.org/R4/download.php
https://www.vulncheck.com/advisories/rabidhamster-r4-log-entry-buffer-overflow
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/rabidhamster_r4_log.rb

Configurations

No configuration.

History

14 Aug 2025, 15:15

Type	Values Removed	Values Added
References	~~() https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/rabidhamster_r4_log.rb -~~	() https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/rabidhamster_r4_log.rb -

14 Aug 2025, 13:11

Type	Values Removed	Values Added
Summary		(es) RabidHamster R4 v1.25 contiene una vulnerabilidad de desbordamiento de búfer en la pila debido al uso inseguro de sprintf() al registrar solicitudes HTTP malformadas. Un atacante remoto puede explotar esta vulnerabilidad enviando una URI especialmente manipulada, lo que provoca la ejecución de código arbitrario en el contexto del proceso del servidor web.

13 Aug 2025, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-13 21:15

Updated : 2025-08-14 15:15

NVD link : CVE-2012-10058

Mitre link : CVE-2012-10058

CVE.ORG link : CVE-2012-10058

JSON object : View

Products Affected

No product.

CWE

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2012-10058", "cveTags": [{"tags": ["unsupported-when-assigned"], "sourceIdentifier": "disclosure@vulncheck.com"}], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 10.0, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-13T21:15:30.290", "references": [{"url": "http://aluigi.altervista.org/adv/r4_1-adv.txt", "source": "disclosure@vulncheck.com"}, {"url": "https://advisories.checkpoint.com/defense/advisories/public/2013/cpai-07-jan405.html", "source": "disclosure@vulncheck.com"}, {"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/rabidhamster_r4_log.rb", "source": "disclosure@vulncheck.com"}, {"url": "https://www.exploit-db.com/exploits/18929", "source": "disclosure@vulncheck.com"}, {"url": "https://www.rabidhamster.org/R4/download.php", "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/rabidhamster-r4-log-entry-buffer-overflow", "source": "disclosure@vulncheck.com"}, {"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/rabidhamster_r4_log.rb", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "RabidHamster R4 v1.25 contains a\u00a0stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitrary code execution under the context of the web server process."}, {"lang": "es", "value": "RabidHamster R4 v1.25 contiene una vulnerabilidad de desbordamiento de b\u00fafer en la pila debido al uso inseguro de sprintf() al registrar solicitudes HTTP malformadas. Un atacante remoto puede explotar esta vulnerabilidad enviando una URI especialmente manipulada, lo que provoca la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del proceso del servidor web."}], "lastModified": "2025-08-14T15:15:31.023", "sourceIdentifier": "disclosure@vulncheck.com"}