Описание
The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the TestCompatibilityRecordMode method, which allows remote attackers to execute arbitrary code via unspecified vectors.
Ссылки
- Vendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- Vendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.6.0.1 (включая)
Одновременно
cpe:2.3:a:.bbsoftware:bb_flashback:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:ibm:rational_rhapsody:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_rhapsody:7.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_rhapsody:7.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_rhapsody:7.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_rhapsody:7.5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_rhapsody:7.5.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_rhapsody:7.5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_rhapsody:7.5.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_rhapsody:7.5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_rhapsody:7.5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_rhapsody:7.6:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02089
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
больше 3 лет назад
The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the TestCompatibilityRecordMode method, which allows remote attackers to execute arbitrary code via unspecified vectors.
EPSS
Процентиль: 84%
0.02089
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-94