Lucene search
HistoryJun 08, 2011 - 10:36 a.m.
CVE-2011-2386
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.851
Percentile
98.6%
VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey before 2.1.9 allows user-assisted remote attackers to execute arbitrary code via a (1) vws and (2) vwr file with an invalid Type property, which triggers an untrusted pointer dereference.
Affected configurations
Node
visiwavesite_surveyRange≤2.1
ORvisiwavesite_surveyMatch1.6.12
ORvisiwavesite_surveyMatch2.0.12
| Vendor | Product | Version | CPE |
|---|---|---|---|
| visiwave | site_survey | * | cpe:2.3:a:visiwave:site_survey:*:*:*:*:*:*:*:* |
| visiwave | site_survey | 1.6.12 | cpe:2.3:a:visiwave:site_survey:1.6.12:*:*:*:*:*:*:* |
| visiwave | site_survey | 2.0.12 | cpe:2.3:a:visiwave:site_survey:2.0.12:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2011-2386
2011-06-08 10:00:00
cve
cve
CVE-2011-2386
2011-06-08 10:36:14
metasploit
metasploit
VisiWave VWR File Parsing Vulnerability
2011-05-23 16:28:38
exploitdb
exploitdb
VisiWave - '.VWR' File Parsing Trusted Pointer (Metasploit)
2011-05-23 00:00:00
prion
prion
Null pointer dereference
2011-06-08 10:36:00
nessus
nessus
VisiWave Site Survey Report VWR File Handling Overflow
2011-05-25 00:00:00
openvas
openvas
VisiWave Site Survey Arbitrary Code Execution Vulnerability
2011-06-13 00:00:00
VisiWave Site Survey Arbitrary Code Execution Vulnerability
2011-06-13 00:00:00
checkpoint_advisories
checkpoint_advisories
VisiWave VWR File Parsing (CVE-2011-2386)
2014-10-05 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.851
Percentile
98.6%
Related for NVD:CVE-2011-2386