CVE-2011-3488

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2011-3488
Use-after-free vulnerability in Equis MetaStock 11 and earlier allows remote attackers to execute arbitrary code via a malformed (1) mwc chart, (2) mws chart, (3) mwt template, or (4) mwl layout.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://aluigi.altervista.org/adv/metastock_1-adv.txt
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:equis:metastock:10.1:*:*:*:*:*:*:*
cpe:2.3:a:equis:metastock:10.0:*:*:*:*:*:*:*
cpe:2.3:a:equis:metastock:9.2:*:*:*:*:*:*:*
cpe:2.3:a:equis:metastock:9.1:*:*:*:*:*:*:*
cpe:2.3:a:equis:metastock:9.0:*:*:*:*:*:*:*
cpe:2.3:a:equis:metastock:*:*:*:*:*:*:*:*
cpe:2.3:a:equis:metastock:8.0:*:*:*:*:*:*:*
Information

Published : 2011-09-16 07:28

Updated : 2012-06-27 21:00

NVD link : CVE-2011-3488

Mitre link : CVE-2011-3488

JSON object : View

CWE
CWE-399

Resource Management Errors

Advertisement

dedicated server usa
Products Affected

equis

  • metastock