Vulnerability Details CVE-2011-0324
Multiple heap-based buffer overflows in Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allow remote attackers to execute arbitrary code via a long (1) KeyString property, (2) NewPath parameter to the SetLocalIniFilePath method, or (3) NewPortPath parameter to the SetTabletPortPath method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.129
EPSS Ranking 93.8%
CVSS Severity
CVSS v2 Score 9.3
References
- http://secunia.com/advisories/42800
- http://secunia.com/secunia_research/2011-2/
- http://www.securityfocus.com/bid/46128
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65114
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65115
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65116
- http://secunia.com/advisories/42800
- http://secunia.com/secunia_research/2011-2/
- http://www.securityfocus.com/bid/46128
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65114
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65115
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65116
Products affected by CVE-2011-0324
-
cpe:2.3:a:topazsystems:sigplus_pro_activex_control:3.95