Unrated severityNVD Advisory· Published Nov 17, 2012· Updated Jun 16, 2026
CVE-2012-5896
CVE-2012-5896
Description
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not properly implement the Add method, which allows remote attackers to execute arbitrary code via a memory address in the first argument, related to an "uninitialized pointer."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:quest:intrust:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:quest:intrust:*:*:*:*:*:*:*:*range: <=10.4.0.853
- cpe:2.3:a:quest:intrust:10.1:*:*:*:*:*:*:*
- cpe:2.3:a:quest:intrust:10.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:quest:intrust:10.3:*:*:*:*:*:*:*
- cpe:2.3:a:quest:intrust:10.4:*:*:*:*:*:*:*
- (no CPE)range: <=10.4.0.853
Patches
Vulnerability mechanics
References
9- archives.neohapsis.com/archives/bugtraq/2012-03/0153.htmlnvdExploit
- dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/intrust_annotatex_add.rbnvdExploit
- packetstormsecurity.org/files/111853/Quest-InTrust-Annotation-Objects-Uninitialized-Pointer.htmlnvdExploit
- www.exploit-db.com/exploits/18674nvdExploit
- www.securityfocus.com/bid/52765nvdExploit
- secunia.com/advisories/48566nvdVendor Advisory
- osvdb.org/80662nvd
- packetstormsecurity.org/files/111312/Quest-InTrust-10.4.x-Annotation-Objects-Code-Execution.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/74448nvd
News mentions
0No linked articles in our index yet.