CVE-2012-0985

Exp

Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method.

Published: 2012-06-07 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2012-0985 is rated High Exploit Risk (81.2/100): CVSS Critical severity, with high exploitation likelihood (EPSS 33.90%, 97th percentile). 3 public exploit reference(s) are indexed (Exploit-DB). Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2012-0985

EDB-ID Source Kind Published Link
18958 exploit_db edb 2012-05-31 Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2012-0985

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-05-28 38.89% 33.90% -5.00%
2 2026-04-29 49.23% 38.89% -10.33%
3 2026-02-06 49.23%

Full EPSS history (17 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2012-0985

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
9.3 2.0 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 8.6 10.0 [email protected]

Weakness enumeration for CVE-2012-0985

Affected software / configurations for CVE-2012-0985

Vendor Product Version Raw CPE
sony smartwi_connection_utillity 4.7 cpe:2.3:a:sony:smartwi_connection_utillity:4.7:*:*:*:*:*:*:*
sony smartwi_connection_utillity 4.7.4 cpe:2.3:a:sony:smartwi_connection_utillity:4.7.4:*:*:*:*:*:*:*
sony smartwi_connection_utillity 4.8 cpe:2.3:a:sony:smartwi_connection_utillity:4.8:*:*:*:*:*:*:*
sony smartwi_connection_utillity 4.9 cpe:2.3:a:sony:smartwi_connection_utillity:4.9:*:*:*:*:*:*:*
sony smartwi_connection_utillity 4.10 cpe:2.3:a:sony:smartwi_connection_utillity:4.10:*:*:*:*:*:*:*
sony smartwi_connection_utillity 4.11 cpe:2.3:a:sony:smartwi_connection_utillity:4.11:*:*:*:*:*:*:*
sony vaio_easy_connect 1.0.0 cpe:2.3:a:sony:vaio_easy_connect:1.0.0:*:*:*:*:*:*:*
sony vaio_easy_connect 1.1.0 cpe:2.3:a:sony:vaio_easy_connect:1.1.0:*:*:*:*:*:*:*
sony vaio_pc_wireless_lan_wizard 1.0 cpe:2.3:a:sony:vaio_pc_wireless_lan_wizard:1.0:*:*:*:*:*:*:*
sony vaio_wireless_wizard 1.00 cpe:2.3:a:sony:vaio_wireless_wizard:1.00:*:*:*:*:*:*:*
sony vaio_wireless_wizard 1.00_64 cpe:2.3:a:sony:vaio_wireless_wizard:1.00_64:*:*:*:*:*:*:*
sony vaio_wireless_wizard 1.01 cpe:2.3:a:sony:vaio_wireless_wizard:1.01:*:*:*:*:*:*:*
sony vaio_wireless_wizard 2.0 cpe:2.3:a:sony:vaio_wireless_wizard:2.0:*:*:*:*:*:*:*
sony vaio_wireless_wizard 3.0 cpe:2.3:a:sony:vaio_wireless_wizard:3.0:*:*:*:*:*:*:*

References for CVE-2012-0985

cvelogic Threat Intelligence