{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T11:22:17.156","vulnerabilities":[{"cve":{"id":"CVE-2012-3811","sourceIdentifier":"cve@mitre.org","published":"2012-07-03T19:55:04.663","lastModified":"2026-04-29T01:13:23.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request."},{"lang":"es","value":"Vulnerabilidad de subida de fichero no restringido en ImageUpload.ashx en la aplicación Wallboard en Avaya IP Office Customer Call Reporter v7.0 anteriores a v7.0.5.8 Q1 2012 Maintenance Release y v8.0 anteriores a v8.0.9.13 Q1 2012 Maintenance Release, permite a atacantes remotos ejecutar código subiendo un fichero ejecutable y accediendo a él a través de una petición directa."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:avaya:ip_office_customer_call_reporter:7.0:*:*:*:*:*:*:*","matchCriteriaId":"1D595B22-63D4-4285-AD5C-7A3F8F22457B"},{"vulnerable":true,"criteria":"cpe:2.3:a:avaya:ip_office_customer_call_reporter:8.0:*:*:*:*:*:*:*","matchCriteriaId":"FF2A34F3-AF83-4217-9D0C-5883CD5486A8"}]}]}],"references":[{"url":"http://zerodayinitiative.com/advisories/ZDI-12-106/","source":"cve@mitre.org"},{"url":"https://downloads.avaya.com/css/P8/documents/100164021","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://zerodayinitiative.com/advisories/ZDI-12-106/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://downloads.avaya.com/css/P8/documents/100164021","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}],"evaluatorComment":"Per: http://cwe.mitre.org/data/definitions/434.html\r\n\r\n'CWE-434: Unrestricted Upload of File with Dangerous Type'"}}]}