Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2011-2386
cve
visiwavereport.exe
azo technologies
inc
visiwave site survey
code execution
remote attackers
nvd
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.7 High
AI Score
Confidence
Low
0.91 High
EPSS
Percentile
98.9%
VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey before 2.1.9 allows user-assisted remote attackers to execute arbitrary code via a (1) vws and (2) vwr file with an invalid Type property, which triggers an untrusted pointer dereference.
Affected configurations
Node
visiwavesite_surveyRange≤2.1
ORvisiwavesite_surveyMatch1.6.12
ORvisiwavesite_surveyMatch2.0.12
Related
nvd
nvd
CVE-2011-2386
2011-06-08 10:36:14
cvelist
cvelist
CVE-2011-2386
2022-10-03 16:15:16
prion
prion
Null pointer dereference
2011-06-08 10:36:00
nessus
nessus
VisiWave Site Survey Report VWR File Handling Overflow
2011-05-25 00:00:00
openvas
openvas
VisiWave Site Survey Arbitrary Code Execution Vulnerability
2011-06-13 00:00:00
VisiWave Site Survey Arbitrary Code Execution Vulnerability
2011-06-13 00:00:00
checkpoint_advisories
checkpoint_advisories
VisiWave VWR File Parsing (CVE-2011-2386)
2014-10-05 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.7 High
AI Score
Confidence
Low
0.91 High
EPSS
Percentile
98.9%
Related for CVE-2011-2386