Memory Leak in Intuit QuickBooks 2009-2012: Denial of Service via Multiple References in intu-help-qb Handlers

Memory Leak in Intuit QuickBooks 2009-2012: Denial of Service via Multiple References in intu-help-qb Handlers

CVE-2012-2419 · LOW Severity

AV:A/AC:H/AU:N/C:N/I:N/A:P

Memory leak in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote attackers to cause a denial of service (memory consumption) via a URI with multiple references to the same name-value pair.

Learn more about our Web Application Penetration Testing UK.