VisiWave Site Survey Arbitrary Code Execution Vulnerability Network Vulnerability

Summary

This host is installed with VisiWave Site Survey and is prone to arbitrary code execution vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code. Impact Level: Application.

Solution

Upgrade to VisiWave Site Survey version 2.1.9 or later. For updates refer to http://www.visiwave.com/index.php/ScrInfoDownload.html

Insight

The flaw exists due to an error when processing report files and can be exploited to perform a virtual function call into an arbitrary memory location via a specially crafted 'Type' property.

Affected

VisiWave Site Survey version prior to 2.1.9

References

http://secunia.com/advisories/44636
http://www.visiwave.com/blog/index.php?/archives/4-Version-2.1.9-Released.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2011-2386

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)
Adobe AIR Multiple Vulnerabilities-01 Aug14 (Windows)
Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Linux)
Adobe Extension Manager CS5 Insecure Library Loading Vulnerability (Win)

Take action and discover your vulnerabilities