Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1392

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-1392
Last Modified 26 Dec 2011 12:00:00
Published 23 Dec 2011 05:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1392

Summary

The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the (1) Start, (2) PauseAndSave, (3) InsertMarker, and (4) InsertSoundToFBRAtMarker methods, which allows remote attackers to execute arbitrary code via unspecified vectors.

Vulnerable Systems

Application

  • .bbsoftware Bb Flashback


References

XF - ibm-ratth-bbfb-code-execution(71804)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21576352

SECUNIA - 47310

SECUNIA - 47286


Last Updated: 27 May 2016 10:57:16