CVE-2010-20112

Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including the Structured Exception Handler (SEH). Additionally, malformed parameter names followed by an equals sign may result in unintended control flow behavior. This vulnerability is exposed through IIS and affects legacy Windows deployments

CVSS

No CVSS.

References

Link	Resource
https://advisories.checkpoint.com/defense/advisories/public/2013/cpai-2013-1344.html
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/amlibweb_webquerydll_app.rb
https://www.amlib.co.uk/product/product.aspx?menuId=top_products
https://www.exploit-db.com/exploits/16793
https://www.fortiguard.com/encyclopedia/ips/24002
https://www.vulncheck.com/advisories/amlibweb-netopacs-stack-buffer-overflow
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/amlibweb_webquerydll_app.rb
https://www.exploit-db.com/exploits/16793

Configurations

No configuration.

History

No history.

Information

Published : 2025-08-21 20:15

Updated : 2025-08-22 18:08

NVD link : CVE-2010-20112

Mitre link : CVE-2010-20112

CVE.ORG link : CVE-2010-20112

JSON object : View

Products Affected

No product.

CWE

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2010-20112", "cveTags": [{"tags": ["unsupported-when-assigned"], "sourceIdentifier": "disclosure@vulncheck.com"}], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-21T20:15:31.217", "references": [{"url": "https://advisories.checkpoint.com/defense/advisories/public/2013/cpai-2013-1344.html", "source": "disclosure@vulncheck.com"}, {"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/amlibweb_webquerydll_app.rb", "source": "disclosure@vulncheck.com"}, {"url": "https://www.amlib.co.uk/product/product.aspx?menuId=top_products", "source": "disclosure@vulncheck.com"}, {"url": "https://www.exploit-db.com/exploits/16793", "source": "disclosure@vulncheck.com"}, {"url": "https://www.fortiguard.com/encyclopedia/ips/24002", "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/amlibweb-netopacs-stack-buffer-overflow", "source": "disclosure@vulncheck.com"}, {"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/amlibweb_webquerydll_app.rb", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}, {"url": "https://www.exploit-db.com/exploits/16793", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "Amlib\u2019s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including the Structured Exception Handler (SEH). Additionally, malformed parameter names followed by an equals sign may result in unintended control flow behavior. This vulnerability is exposed through IIS and affects legacy Windows deployments"}, {"lang": "es", "value": "El archivo webquery.dll de NetOpacs de Amlib contiene una vulnerabilidad de desbordamiento de b\u00fafer basada en pila, desencadenada por el manejo incorrecto de par\u00e1metros HTTP GET. En concreto, la aplicaci\u00f3n no aplica l\u00edmites a la entrada suministrada al par\u00e1metro app, lo que permite que un exceso de datos sobrescriba las estructuras de memoria, incluido el Gestor de Excepciones Estructuradas (SEH). Adem\u00e1s, los nombres de par\u00e1metros mal formados seguidos de un signo igual pueden provocar un comportamiento no deseado en el flujo de control. Esta vulnerabilidad se expone a trav\u00e9s de IIS y afecta a las implementaciones heredadas de Windows."}], "lastModified": "2025-08-22T18:08:51.663", "sourceIdentifier": "disclosure@vulncheck.com"}