Lucene search

[email protected]CVE-2011-5288

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-5288

2022-10-0316:15:12

CWE-119

[email protected]

web.nvd.nist.gov

cve

threedifydesigner

buffer overflow

activex control

security vulnerability

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

73.8%

JSON

Multiple buffer overflows in the ThreeDify.ThreeDifyDesigner.1 ActiveX control in ActiveSolid.dll in ThreeDify Designer 5.0.2 allow remote attackers to execute arbitrary code via a long argument to the (1) cmdExport, (2) cmdImport, (3) cmdOpen, or (4) cmdSave method.

Affected configurations

NVD

Node

threedifythreedify_designerMatch5.0.2

CPENameOperatorVersion
threedify:threedify_designerthreedify threedify designereq5.0.2

CPE	Name	Operator	Version
threedify:threedify_designer	threedify threedify designer	eq	5.0.2

References

www.htbridge.com/advisory/HTB23020

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

73.8%

JSON

Related for CVE-2011-5288

nvd1 cvelist1 prion1