Lucene search

FlexeraCVE-2011-0324

HistoryFeb 07, 2011 - 9:00 p.m.

CVE-2011-0324

2011-02-0721:00:14

CWE-119

flexera

web.nvd.nist.gov

cve-2011-0324

topaz systems sigplus

buffer overflows

activex control

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.1

Percentile

94.9%

JSON

Multiple heap-based buffer overflows in Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allow remote attackers to execute arbitrary code via a long (1) KeyString property, (2) NewPath parameter to the SetLocalIniFilePath method, or (3) NewPortPath parameter to the SetTabletPortPath method.

Affected configurations

Nvd

Node

topazsystemssigplus_pro_activex_controlMatch3.95

VendorProductVersionCPE
topazsystemssigplus_pro_activex_control3.95cpe:2.3:a:topazsystems:sigplus_pro_activex_control:3.95:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
topazsystems	sigplus_pro_activex_control	3.95	cpe:2.3:a:topazsystems:sigplus_pro_activex_control:3.95:::::::*

References

secunia.com/advisories/42800

secunia.com/secunia_research/2011-2/

www.securityfocus.com/bid/46128

exchange.xforce.ibmcloud.com/vulnerabilities/65114

exchange.xforce.ibmcloud.com/vulnerabilities/65115

exchange.xforce.ibmcloud.com/vulnerabilities/65116

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.1

Percentile

94.9%

JSON

Related for CVE-2011-0324