Vulnerability Description
AUTOMGEN versions up to and including 8.0.0.7 (also referenced as 8.022) contain a vulnerability in which project file handling frees an object and subsequently dereferences the stale pointer when processing certain malformed fields. The dangling-pointer use enables an attacker to influence an indirect call through attacker-controlled memory, resulting in denial of service. In some conditions, remote code execution may be possible.
References
- https://en.iraifrance.com/automgen
- https://www.exploit-db.com/exploits/17964
- https://www.vulncheck.com/advisories/irai-automgen-use-after-free-remote-dos
FAQ
What is CVE-2011-10034?
CVE-2011-10034 is a documented vulnerability. AUTOMGEN versions up to and including 8.0.0.7 (also referenced as 8.022) contain a vulnerability in which project file handling frees an object and subsequently dereferences the stale pointer when proc...
How severe is CVE-2011-10034?
CVSS scoring is not yet available for CVE-2011-10034. Check NVD for updates.
Is there a patch for CVE-2011-10034?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.