CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-2386

VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey before 2.1.9 allows user-assisted remote attackers to execute arbitrary code via a (1) vws and (2) vwr file with an invalid Type property, which triggers an untrusted pointer dereference.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.74

EPSS Ranking 98.8%

CVSS Severity

CVSS v2 Score 9.3

References

http://osvdb.org/72464
http://secunia.com/advisories/44636
http://www.exploit-db.com/exploits/17317
http://www.securityfocus.com/bid/47948
http://www.stratsec.net/Research/Advisories/VisiWave-Site-Survey-Report-Trusted-Pointer-%28SS-20
http://www.visiwave.com/blog/index.php?/archives/4-Version-2.1.9-Released.html
http://osvdb.org/72464
http://secunia.com/advisories/44636
http://www.exploit-db.com/exploits/17317
http://www.securityfocus.com/bid/47948
http://www.stratsec.net/Research/Advisories/VisiWave-Site-Survey-Report-Trusted-Pointer-%28SS-20
http://www.visiwave.com/blog/index.php?/archives/4-Version-2.1.9-Released.html

Products affected by CVE-2011-2386

Visiwave » Site Survey » Version: 1.6.12

cpe:2.3:a:visiwave:site_survey:1.6.12
Visiwave » Site Survey » Version: 2.0.12

cpe:2.3:a:visiwave:site_survey:2.0.12
Visiwave » Site Survey » Version: 2.1

cpe:2.3:a:visiwave:site_survey:2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2386

Products

Pricing

Contact Us