Vulnerability Description
The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the TestCompatibilityRecordMode method, which allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| .Bbsoftware | Bb Flashback | All versions |
| Ibm | Rational Rhapsody | <= 7.6.0.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/47286Vendor Advisory
- http://secunia.com/advisories/47310Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21576352PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71694
- http://secunia.com/advisories/47286Vendor Advisory
- http://secunia.com/advisories/47310Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21576352PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71694
FAQ
What is CVE-2011-1388?
CVE-2011-1388 is a vulnerability with a CVSS score of 9.3 (HIGH). The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the TestCo...
How severe is CVE-2011-1388?
CVE-2011-1388 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1388?
Check the references section above for vendor advisories and patch information. Affected products include: .Bbsoftware Bb Flashback, Ibm Rational Rhapsody.