CVE-2011-4783

The IDAPython plugin before 1.5.2.3 in IDA Pro allows user-assisted remote attackers to execute arbitrary code via a crafted IDB file, related to improper handling of certain swig_runtime_data files in the current working directory.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:google:idapython:*:*:*:*:*:*:*:*
cpe:2.3:a:google:idapython:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:google:idapython:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:google:idapython:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:google:idapython:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:google:idapython:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:google:idapython:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:google:idapython:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:hex-rays:ida:6.0:*:pro:*:*:*:*:*

History

21 Nov 2024, 01:32

Type Values Removed Values Added
References () http://code.google.com/p/idapython/downloads/detail?name=idapython-1.5.2.3_ida6.1_py2.6_win32.zip - Patch () http://code.google.com/p/idapython/downloads/detail?name=idapython-1.5.2.3_ida6.1_py2.6_win32.zip - Patch
References () http://code.google.com/p/idapython/source/detail?r=361 - () http://code.google.com/p/idapython/source/detail?r=361 -
References () http://secunia.com/advisories/47295 - Vendor Advisory () http://secunia.com/advisories/47295 - Vendor Advisory
References () http://technet.microsoft.com/en-us/security/msvr/msvr11-015 - () http://technet.microsoft.com/en-us/security/msvr/msvr11-015 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/71936 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/71936 -

Information

Published : 2011-12-27 11:55

Updated : 2024-11-21 01:32


NVD link : CVE-2011-4783

Mitre link : CVE-2011-4783

CVE.ORG link : CVE-2011-4783


JSON object : View

Products Affected

google

  • idapython

hex-rays

  • ida
CWE
CWE-20

Improper Input Validation