First published: Wed Apr 25 2012(Updated: )
Absolute path traversal vulnerability in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, might allow remote attackers to read arbitrary files in ZIP archives via a full pathname in the URI.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Intuit QuickBooks | =2009 | |
Intuit QuickBooks | =2010 | |
Intuit QuickBooks | =2011 | |
Intuit QuickBooks | =2012 | |
Microsoft Internet Explorer |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.