CVE-2011-1391

{"id": "CVE-2011-1391", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2011-12-23T22:55:00.817", "references": [{"url": "http://secunia.com/advisories/47286", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/47310", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21576352", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71803", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the InsertMarker method, which allows remote attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "Blueberry FlashBack ActiveX control en BB FlashBack Recorder.dll en Blueberry BB FlashBack, como se usba en IBM Rational Rhapsody anterior a v7.6.1 y otros productos, no implementa correctamente el m\u00e9todo InsertMarket, permitiendo a atacantes remotos ejecutar c\u00f3digo arbitrario mediante vectores no especificados."}], "lastModified": "2017-08-17T01:34:07.040", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:.bbsoftware:bb_flashback:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF7911FB-D2DE-4571-A8F3-167C8DA4E2B0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:rational_rhapsody:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A7A262C5-3999-4878-8A8E-808FEA31BB69", "versionEndIncluding": "7.6.0.1"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8B5E0E9E-FF44-46BE-9BAB-4C907AE23B46"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.0.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A206B67-3D12-4BCD-9116-9AD12910E89F"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2E147396-F813-4DD7-A492-C58538FB4926"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.1.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9619D07C-FF49-499E-BD12-D550C3BEFE96"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.2:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "498C1B70-25A6-44AF-9EDC-EA396153A1C1"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.2.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B72DB790-D922-4F9D-900D-F2E24FD6171F"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.3:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8513CB6-CB88-4350-BBF0-9B8997D6B4ED"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.3.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AC6C0CF8-D4BE-4095-A552-113B681B8E30"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.3.2:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "80939055-FE60-440F-B018-6EAE05D6638E"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.6:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "36E9BFF1-6D25-4B51-9288-FCDB4093449B"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}