Interactive Data eSignal Stack Buffer Overflow (CVE-2011-3494)

A stack buffer overflow vulnerability exists in Interactive Data eSignal. The vulnerability is due to insufficient string length validation when copying input into a fixed size stack buffer in certain file types.A remote attacker may exploit this issue by enticing a target user to open a speciall...

eSignal WinSig.exe long StyleTemplate buffer overflow

Added: 11/21/2011 CVE: CVE-2011-3494 BID: 49600 OSVDB: 75456 Background eSignal is a tool which provides real-time financial and market information. Problem WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code v...

eSignal WinSig.exe long StyleTemplate buffer overflow

Added: 11/21/2011 CVE: CVE-2011-3494 BID: 49600 OSVDB: 75456 Background eSignal is a tool which provides real-time financial and market information. Problem WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code v...

eSignal / eSignal Pro 10.6.2425.1208 Buffer Overflow

$Id: esignalstyletemplatebof.rb 13768 2011-09-21 11:55:56Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

eSignal and eSignal Pro File Parsing Buffer Overflow in QUO

The software is unable to handle the "" files even those original included in the program like those with the registered extensions QUO, SUM and POR. Successful exploitation of this vulnerability may take up to several seconds due to the use of egghunter. Also, DEP bypass is unlikely due to the...

CVE-2011-3494

creationtimestamp| type| source ---|---|--- 2011-09-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/17880 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/esignalstyletemplatebof.rb 2025-02-06...

CVE-2011-3494

WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or 2 a long Font-FaceName field aka FaceName...

CVE-2011-3494

WinSig.exe in eSignal 10.6.2425 and earlier is affected by CVE-2011-3494. The vulnerability allows a remote attacker to crash the application and possibly execute arbitrary code via a long StyleTemplate element in QUO/SUM/POR files (stack-based buffer overflow) or a long Font->FaceName field (...