Lucene search
HistoryFeb 07, 2011 - 9:00 p.m.
CVE-2011-0323
cve-2011-0323
topaz systems
sigplus pro
activex control
remote code execution
arbitrary files
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8 High
AI Score
Confidence
Low
0.023 Low
EPSS
Percentile
89.8%
Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allows remote attackers to execute arbitrary code by calling the exposed unsafe (1) SetLogFilePath and (2) SigMessage methods to create arbitrary files with arbitrary content.
Affected configurations
Node
topazsystemssigplus_pro_activex_controlMatch3.95
| CPE | Name | Operator | Version |
|---|---|---|---|
| topazsystems:sigplus_pro_activex_control | topazsystems sigplus pro activex control | eq | 3.95 |
References
Social References
More
Related
cvelist
cvelist
CVE-2011-0323
2011-02-07 20:19:00
prion
prion
Code injection
2011-02-07 21:00:00
nvd
nvd
CVE-2011-0323
2011-02-07 21:00:14
nessus
nessus
SigPlus Pro ActiveX Control < 4.29 Multiple Vulnerabilities
2011-02-07 00:00:00
openvas
openvas
Topaz Systems SigPlus Pro ActiveX Control Multiple Vulnerabilities
2011-03-04 00:00:00
Topaz Systems SigPlus Pro ActiveX Control Multiple Vulnerabilities
2011-03-04 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8 High
AI Score
Confidence
Low
0.023 Low
EPSS
Percentile
89.8%
Related for CVE-2011-0323