CVE-2011-1392

EUVD-2011-1399
The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the (1) Start, (2) PauseAndSave, (3) InsertMarker, and (4) InsertSoundToFBRAtMarker methods, which allows remote attackers to execute arbitrary code via unspecified vectors.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
.bbsoftwarebb_flashback
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/47286
http://secunia.com/advisories/47310
http://www-01.ibm.com/support/docview.wss?uid=swg21576352
https://exchange.xforce.ibmcloud.com/vulnerabilities/71804
http://secunia.com/advisories/47286
http://secunia.com/advisories/47310
http://www-01.ibm.com/support/docview.wss?uid=swg21576352
https://exchange.xforce.ibmcloud.com/vulnerabilities/71804