CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-3626

Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 75.2%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2011-3626

Drusus » Logsurfer » Version: Any

cpe:2.3:a:drusus:logsurfer:*
Drusus » Logsurfer » Version: 1.1

cpe:2.3:a:drusus:logsurfer:1.1
Drusus » Logsurfer » Version: 1.2

cpe:2.3:a:drusus:logsurfer:1.2
Drusus » Logsurfer » Version: 1.3

cpe:2.3:a:drusus:logsurfer:1.3
Drusus » Logsurfer » Version: 1.4

cpe:2.3:a:drusus:logsurfer:1.4
Drusus » Logsurfer » Version: 1.41

cpe:2.3:a:drusus:logsurfer:1.41
Drusus » Logsurfer » Version: 1.5

cpe:2.3:a:drusus:logsurfer:1.5
Drusus » Logsurfer » Version: 1.5a

cpe:2.3:a:drusus:logsurfer:1.5a
Kerry Thompson » Logsurfer+ » Version: Any

cpe:2.3:a:kerry_thompson:logsurfer+:*
Kerry Thompson » Logsurfer+ » Version: 1.5a

cpe:2.3:a:kerry_thompson:logsurfer+:1.5a
Kerry Thompson » Logsurfer+ » Version: 1.5b

cpe:2.3:a:kerry_thompson:logsurfer+:1.5b
Kerry Thompson » Logsurfer+ » Version: 1.6

cpe:2.3:a:kerry_thompson:logsurfer+:1.6
Kerry Thompson » Logsurfer+ » Version: 1.6a

cpe:2.3:a:kerry_thompson:logsurfer+:1.6a
Kerry Thompson » Logsurfer+ » Version: 1.6b

cpe:2.3:a:kerry_thompson:logsurfer+:1.6b

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-3626

Products

Pricing

Contact Us