Blueberry FlashBack SDK 'BB FlashBack Recorder.dll' Remote Code Execution

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote host has an ActiveX control installed that is affected by
multiple remote code execution vulnerabilities.

Description :

The remote host has a vulnerable version of the Blueberry
'BB FlashBack Recorder.dll' control installed. This control is
affected by multiple unspecified remote code execution
vulnerabilities related to the 'FBRecorder' class and the 'Start()',
'PauseAndSave()', 'InsertMarker()', 'InsertSoundToFBRAtMarker()', and
'TestCompatibilityRecordMode()' methods. By tricking a victim into
visiting a specially crafted web page, an attacker could take
advantage of one of these issues to execute arbitrary code in the
context of the application.

See also :

http://www.zerodayinitiative.com/advisories/ZDI-12-028
http://www.zerodayinitiative.com/advisories/ZDI-12-029
http://www.zerodayinitiative.com/advisories/ZDI-12-030
http://www.securityfocus.com/archive/1/521546/30/0/threaded
http://www.securityfocus.com/archive/1/521547/30/0/threaded
http://www.securityfocus.com/archive/1/521548/30/0/threaded
http://www-01.ibm.com/support/docview.wss?uid=swg21576352
http://www.bbsoftware.co.uk/BBFlashBack/Home.aspx

Solution :

If you are running IBM Rational Rhapsody 7.6 or earlier, see the IBM
advisory for upgrade instructions. Otherwise, either upgrade the
control to version 2.0.0.214 (or greater), remove the software, or set
the kill bit for the affected control.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 57729

Bugtraq ID: 51184

CVE ID: CVE-2011-1388
CVE-2011-1391
CVE-2011-1392
