Skip to main content

CVE-2012-2424

Severity Low
Score 1.8/10

Summary

The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a URI that lacks a required delimiter.

  • HIGH
  • ADJACENT_NETWORK
  • NONE
  • NONE
  • NONE
  • PARTIAL

References

Advisory Timeline

  • Published