CVE-2011-1391: Code Injection
First published: Fri Dec 23 2011(Updated: )
The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the InsertMarker method, which allows remote attackers to execute arbitrary code via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| .bbsoftware Bb Flashback | ||
| IBM Rational Rhapsody | <=7.6.0.1 | |
| IBM Rational Rhapsody | =7.5 | |
| IBM Rational Rhapsody | =7.5.0.1 | |
| IBM Rational Rhapsody | =7.5.1 | |
| IBM Rational Rhapsody | =7.5.1.1 | |
| IBM Rational Rhapsody | =7.5.2 | |
| IBM Rational Rhapsody | =7.5.2.1 | |
| IBM Rational Rhapsody | =7.5.3 | |
| IBM Rational Rhapsody | =7.5.3.1 | |
| IBM Rational Rhapsody | =7.5.3.2 | |
| IBM Rational Rhapsody | =7.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/remedy
- agent/severity
- agent/weakness
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- vendor/.bbsoftware
- canonical/.bbsoftware bb flashback
- vendor/ibm
- canonical/ibm rational rhapsody
- version/ibm rational rhapsody/7.6.0.1
- version/ibm rational rhapsody/7.5
- version/ibm rational rhapsody/7.5.0.1
- version/ibm rational rhapsody/7.5.1
- version/ibm rational rhapsody/7.5.1.1
- version/ibm rational rhapsody/7.5.2
- version/ibm rational rhapsody/7.5.2.1
- version/ibm rational rhapsody/7.5.3
- version/ibm rational rhapsody/7.5.3.1
- version/ibm rational rhapsody/7.5.3.2
- version/ibm rational rhapsody/7.6