Denial of Service Vulnerability in Intuit QuickBooks 2009-2012

CVE-2012-2424 · LOW Severity

AV:A/AC:H/AU:N/C:N/I:N/A:P

The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a URI that lacks a required delimiter.

Learn more about our Web Application Penetration Testing UK.