CVE-2012-6275

Bigantsoft Bigant IM Message Server - Memory Corruption

Title source: rule

Description

Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via (1) the filename header in an SCH request or (2) the userid component in a DUPF request.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/24527

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Hamburgers Maccoy, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/bigant_server_sch_dupf_bof.rb

View Code ZIP pw:eip

References (1)

[US Government Resource] http://www.kb.cert.org/vuls/id/990652

Scores

EPSS 0.7651

EPSS Percentile 98.9%

Details

CWE

CWE-119

Status published

Products (1)

bigantsoft/bigant_im_message_server

Published Feb 24, 2013

Tracked Since Feb 18, 2026