CVE-2011-1392

critical

Description

The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the (1) Start, (2) PauseAndSave, (3) InsertMarker, and (4) InsertSoundToFBRAtMarker methods, which allows remote attackers to execute arbitrary code via unspecified vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/71804

http://www-01.ibm.com/support/docview.wss?uid=swg21576352

http://secunia.com/advisories/47310

http://secunia.com/advisories/47286

Details

Source: Mitre, NVD

Published: 2011-12-23

Updated: 2017-08-17

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical