Lucene search

K

[email protected]NVD:CVE-2011-1207

HistoryMay 05, 2011 - 2:39 a.m.

CVE-2011-1207

2011-05-0502:39:46

CWE-863

[email protected]

web.nvd.nist.gov

1

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.135 Low

EPSS

Percentile

95.7%

The ActiveBar1 ActiveX control in the Data Dynamics ActiveBar ActiveX controls, as distributed in ActBar.ocx 1.0.6.5 in IBM Rational System Architect 11.4.0.2, 11.4.0.1, and earlier, does not properly restrict the SetLayoutData method, which allows remote attackers to execute arbitrary code via a crafted Data argument, a different vulnerability than CVE-2007-3883. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

ibmrational_system_architectRange≤11.4.0.2

OR

ibmrational_system_architectMatch11.3

OR

ibmrational_system_architectMatch11.3.1

OR

ibmrational_system_architectMatch11.3.1.1

OR

ibmrational_system_architectMatch11.3.1.2

OR

ibmrational_system_architectMatch11.3.1.3

OR

ibmrational_system_architectMatch11.4

OR

ibmrational_system_architectMatch11.4.0.1

References

secunia.com/advisories/43399

secunia.com/advisories/43474

securitytracker.com/id?1025464

www.securityfocus.com/bid/47643

www.vupen.com/english/advisories/2011/1129

www.ibm.com/support/docview.wss?uid=swg21497689

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.135 Low

EPSS

Percentile

95.7%

Related for NVD:CVE-2011-1207

prion2 cve2 nessus2 cvelist2 nvd1 ics1 checkpoint_advisories1 openvas1