CVE-2011-0323

{"id": "CVE-2011-0323", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2011-02-07T21:00:14.680", "references": [{"url": "http://secunia.com/advisories/42800", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/secunia_research/2011-1/", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securityfocus.com/bid/46128", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65117", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/advisories/42800", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/secunia_research/2011-1/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/46128", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65117", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allows remote attackers to execute arbitrary code by calling the exposed unsafe (1) SetLogFilePath and (2) SigMessage methods to create arbitrary files with arbitrary content."}, {"lang": "es", "value": "Topaz Systems SigPlus Pro ActiveX Control v3.95, y posiblemente otras versiones anteriores a v4.29, permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante una llamada los m\u00e9todos afectados (1) SetLogFilePath y (2) SigMessage para crear archivos arbitrarios con contenido arbitrario."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:topazsystems:sigplus_pro_activex_control:3.95:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96B79327-3661-43C4-8D46-DE5A995FFF6A"}], "operator": "OR"}]}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com"}