CVE-2011-1392

{"id": "CVE-2011-1392", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2011-12-23T22:55:00.863", "references": [{"url": "http://secunia.com/advisories/47286", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/47310", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21576352", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71804", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/47286", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/47310", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21576352", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71804", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the (1) Start, (2) PauseAndSave, (3) InsertMarker, and (4) InsertSoundToFBRAtMarker methods, which allows remote attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "Blueberry FlashBack ActiveX control en BB FlashBack Recorder.dll en Blueberry BB FlashBack, como se usaba en IBM Rational Rhapsody anterior a v7.6.1 y otros productos, no implementa correctamente los m\u00e9todos (1) Start, (2) PauseAndSave, (3) InsertMarker, y(4) InsertSoundToFBRAtMarker, los cuales permiten a atacantes remotos ejecutar comandos arbitrarios mediante vectores desconocidos"}], "lastModified": "2024-11-21T01:26:12.513", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:.bbsoftware:bb_flashback:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF7911FB-D2DE-4571-A8F3-167C8DA4E2B0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:rational_rhapsody:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A7A262C5-3999-4878-8A8E-808FEA31BB69", "versionEndIncluding": "7.6.0.1"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8B5E0E9E-FF44-46BE-9BAB-4C907AE23B46"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.0.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A206B67-3D12-4BCD-9116-9AD12910E89F"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2E147396-F813-4DD7-A492-C58538FB4926"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.1.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9619D07C-FF49-499E-BD12-D550C3BEFE96"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.2:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "498C1B70-25A6-44AF-9EDC-EA396153A1C1"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.2.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B72DB790-D922-4F9D-900D-F2E24FD6171F"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.3:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8513CB6-CB88-4350-BBF0-9B8997D6B4ED"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.3.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AC6C0CF8-D4BE-4095-A552-113B681B8E30"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.3.2:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "80939055-FE60-440F-B018-6EAE05D6638E"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.6:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "36E9BFF1-6D25-4B51-9288-FCDB4093449B"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}