← Back

CVE-2011-1391

nvd nist
Published: Dec 23, 2011Modified: Apr 29, 2026

JSON object

Loading...
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD

Description

The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the InsertMarker method, which allows remote attackers to execute arbitrary code via unspecified vectors.

Affected (1)

.bbsoftware
1 product
Bb Flashback
Configuration A
1 vulnerable · 11 platform
Vulnerable SoftwareAffected Versions
Bb Flashback
All versions
Running on/withPlatform Versions
Ibm
Rational Rhapsody
Up to 7.6.0.1
Ibm
Rational Rhapsody
Version 7.5.0.1
Ibm
Rational Rhapsody
Version 7.5.1.1
Ibm
Rational Rhapsody
Version 7.5.1
Ibm
Rational Rhapsody
Version 7.5.2.1
Ibm
Rational Rhapsody
Version 7.5.2
Ibm
Rational Rhapsody
Version 7.5.3.1
Ibm
Rational Rhapsody
Version 7.5.3.2
Ibm
Rational Rhapsody
Version 7.5.3
Ibm
Rational Rhapsody
Version 7.5
Ibm
Rational Rhapsody
Version 7.6

Related CWEs

CWE-94
Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (8)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.