CVE-2011-0324

EUVD-2011-0350
Multiple heap-based buffer overflows in Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allow remote attackers to execute arbitrary code via a long (1) KeyString property, (2) NewPath parameter to the SetLocalIniFilePath method, or (3) NewPortPath parameter to the SetTabletPortPath method.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
Affected Products (NVD)
VendorProductVersion
topazsystemssigplus_pro_activex_control
3.95
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/42800
http://secunia.com/secunia_research/2011-2/
http://www.securityfocus.com/bid/46128
https://exchange.xforce.ibmcloud.com/vulnerabilities/65114
https://exchange.xforce.ibmcloud.com/vulnerabilities/65115
https://exchange.xforce.ibmcloud.com/vulnerabilities/65116
http://secunia.com/advisories/42800
http://secunia.com/secunia_research/2011-2/
http://www.securityfocus.com/bid/46128
https://exchange.xforce.ibmcloud.com/vulnerabilities/65114
https://exchange.xforce.ibmcloud.com/vulnerabilities/65115
https://exchange.xforce.ibmcloud.com/vulnerabilities/65116