Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2011-2386
HistoryJun 08, 2011 - 10:36 a.m.

CVE-2011-2386

2011-06-0810:36:14
CWE-94
mitre
web.nvd.nist.gov
28
cve
visiwavereport.exe
azo technologies
inc
visiwave site survey
code execution
remote attackers
nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.851

Percentile

98.6%

JSON

VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey before 2.1.9 allows user-assisted remote attackers to execute arbitrary code via a (1) vws and (2) vwr file with an invalid Type property, which triggers an untrusted pointer dereference.

Affected configurations

Nvd
Node
visiwavesite_surveyRange2.1
OR
visiwavesite_surveyMatch1.6.12
OR
visiwavesite_surveyMatch2.0.12
VendorProductVersionCPE
visiwavesite_survey*cpe:2.3:a:visiwave:site_survey:*:*:*:*:*:*:*:*
visiwavesite_survey1.6.12cpe:2.3:a:visiwave:site_survey:1.6.12:*:*:*:*:*:*:*
visiwavesite_survey2.0.12cpe:2.3:a:visiwave:site_survey:2.0.12:*:*:*:*:*:*:*

Related

cvelist 1
nvd 1
exploitdb 1
metasploit 1
prion 1
nessus 1
openvas 2
checkpoint_advisories 1
cvelist
cvelist
CVE-2011-2386
2011-06-08 10:00:00
nvd
nvd
CVE-2011-2386
2011-06-08 10:36:14
exploitdb
exploitdb
VisiWave - '.VWR' File Parsing Trusted Pointer (Metasploit)
2011-05-23 00:00:00
metasploit
metasploit
VisiWave VWR File Parsing Vulnerability
2011-05-23 16:28:38
prion
prion
Null pointer dereference
2011-06-08 10:36:00
nessus
nessus
VisiWave Site Survey Report VWR File Handling Overflow
2011-05-25 00:00:00
openvas
openvas
VisiWave Site Survey Arbitrary Code Execution Vulnerability
2011-06-13 00:00:00
VisiWave Site Survey Arbitrary Code Execution Vulnerability
2011-06-13 00:00:00
checkpoint_advisories
checkpoint_advisories
VisiWave VWR File Parsing (CVE-2011-2386)
2014-10-05 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.851

Percentile

98.6%

JSON
Related for CVE-2011-2386
cvelist1nvd1exploitdb1metasploit1prion1nessus1openvas2checkpoint_advisories1