CVE-2011-1719

{"id": "CVE-2011-1719", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-04-27T01:25:33.697", "references": [{"url": "http://secunia.com/advisories/43681", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/secunia_research/2011-34/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/secunia_research/2011-35/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/8226", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1025424", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/517625/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/47521", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2011/1066", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66903", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66904", "source": "cve@mitre.org"}, {"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BDED5B724-B500-46DA-A855-B2AF457B5364%7D", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in the Web Viewer ActiveX controls in CA Output Management Web Viewer 11.0 and 11.5 allow remote attackers to execute arbitrary code via (1) a long SRC property value to the PPSViewer ActiveX control in PPSView.ocx before 1.0.0.7 or (2) a long Title property value to the UOMWV_Helper ActiveX control in UOMWV_HelperActiveX.ocx before 11.5.0.1."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basado en pila en los controles ActiveX en CA Output Management Web Viewer v11.0 y 11.5 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de (1) un valor largo en la propiedad SRC para el control ActiveX PPSViewer en PPSView.ocx antes de v1.0.0.7 o (2) un valor largo en la propiedad Title para el control ActiveX UOMWV_Helper  en UOMWV_HelperActiveX.ocx antes de 11.5.0.1."}], "lastModified": "2023-11-07T02:07:04.907", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:output_management_web_viewer:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B5F3591-6FAC-4101-AA6D-30954CDAD406"}, {"criteria": "cpe:2.3:a:broadcom:output_management_web_viewer:11.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98F85FB7-A7AA-4CCC-AE57-09B3E32F78C7"}], "operator": "OR"}]}], "evaluatorComment": "Vendor Advisory: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={DED5B724-B500-46DA-A855-B2AF457B5364}", "sourceIdentifier": "cve@mitre.org"}