CVE Vulnerabilities

CVE-2011-1207

Published: May 05, 2011 | Modified: May 31, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The ActiveBar1 ActiveX control in the Data Dynamics ActiveBar ActiveX controls, as distributed in ActBar.ocx 1.0.6.5 in IBM Rational System Architect 11.4.0.2, 11.4.0.1, and earlier, does not properly restrict the SetLayoutData method, which allows remote attackers to execute arbitrary code via a crafted Data argument, a different vulnerability than CVE-2007-3883. NOTE: some of these details are obtained from third party information.

Affected Software

Name Vendor Start Version End Version
Rational_system_architect Ibm 11.3 11.3
Rational_system_architect Ibm 11.3.1 11.3.1
Rational_system_architect Ibm 11.3.1.1 11.3.1.1
Rational_system_architect Ibm 11.3.1.2 11.3.1.2
Rational_system_architect Ibm 11.3.1.3 11.3.1.3
Rational_system_architect Ibm 11.4 11.4
Rational_system_architect Ibm 11.4.0.1 11.4.0.1
Rational_system_architect Ibm * 11.4.0.2

References