Vulnerability Description
The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the (1) Start, (2) PauseAndSave, (3) InsertMarker, and (4) InsertSoundToFBRAtMarker methods, which allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| .Bbsoftware | Bb Flashback | All versions |
| Ibm | Rational Rhapsody | <= 7.6.0.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/47286Vendor Advisory
- http://secunia.com/advisories/47310Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21576352PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71804
- http://secunia.com/advisories/47286Vendor Advisory
- http://secunia.com/advisories/47310Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21576352PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71804
FAQ
What is CVE-2011-1392?
CVE-2011-1392 is a vulnerability with a CVSS score of 9.3 (HIGH). The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the (1) St...
How severe is CVE-2011-1392?
CVE-2011-1392 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1392?
Check the references section above for vendor advisories and patch information. Affected products include: .Bbsoftware Bb Flashback, Ibm Rational Rhapsody.