logo_clicknbuy.png

CVE-2010-20112 – Amlib NetOpacs Webquery.dll Stack Buffer Overflow and Control Flow Vulnerability

The following table lists the changes that have been made to the
CVE-2010-20112 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by [email protected]

    Aug. 21, 2025

    Action Type Old Value New Value
    Added Tag unsupported-when-assigned
    Added Description Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including the Structured Exception Handler (SEH). Additionally, malformed parameter names followed by an equals sign may result in unintended control flow behavior. This vulnerability is exposed through IIS and affects legacy Windows deployments
    Added CVSS V4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CWE CWE-121
    Added Reference https://advisories.checkpoint.com/defense/advisories/public/2013/cpai-2013-1344.html
    Added Reference https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/amlibweb_webquerydll_app.rb
    Added Reference https://www.amlib.co.uk/product/product.aspx?menuId=top_products
    Added Reference https://www.exploit-db.com/exploits/16793
    Added Reference https://www.fortiguard.com/encyclopedia/ips/24002
    Added Reference https://www.vulncheck.com/advisories/amlibweb-netopacs-stack-buffer-overflow
Share the Post:

Related Posts