{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-12-23T00:00:00", "descriptions": [{"lang": "en", "value": "The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the TestCompatibilityRecordMode method, which allows remote attackers to execute arbitrary code via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "47286", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47286"}, {"name": "rr-bcf-code-execution(71694)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71694"}, {"name": "47310", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47310"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21576352"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-1388", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the TestCompatibilityRecordMode method, which allows remote attackers to execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "47286", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47286"}, {"name": "rr-bcf-code-execution(71694)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71694"}, {"name": "47310", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47310"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21576352", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21576352"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:21:34.513Z"}, "title": "CVE Program Container", "references": [{"name": "47286", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/47286"}, {"name": "rr-bcf-code-execution(71694)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71694"}, {"name": "47310", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/47310"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21576352"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-1388", "datePublished": "2011-12-23T22:00:00", "dateReserved": "2011-03-10T00:00:00", "dateUpdated": "2024-08-06T22:21:34.513Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:.bbsoftware:bb_flashback:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF7911FB-D2DE-4571-A8F3-167C8DA4E2B0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:rational_rhapsody:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7A262C5-3999-4878-8A8E-808FEA31BB69", "versionEndIncluding": "7.6.0.1", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B5E0E9E-FF44-46BE-9BAB-4C907AE23B46", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6A206B67-3D12-4BCD-9116-9AD12910E89F", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "2E147396-F813-4DD7-A492-C58538FB4926", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9619D07C-FF49-499E-BD12-D550C3BEFE96", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "498C1B70-25A6-44AF-9EDC-EA396153A1C1", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "B72DB790-D922-4F9D-900D-F2E24FD6171F", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E8513CB6-CB88-4350-BBF0-9B8997D6B4ED", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "AC6C0CF8-D4BE-4095-A552-113B681B8E30", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.5.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "80939055-FE60-440F-B018-6EAE05D6638E", "vulnerable": false}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "36E9BFF1-6D25-4B51-9288-FCDB4093449B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the TestCompatibilityRecordMode method, which allows remote attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "Blueberry FlashBack ActiveX control en BB FlashBack Recorder.dll en Blueberry BB FlashBack, como se usba en IBM Rational Rhapsody anterior a v7.6.1 y otros productos, no implementa correctamente el m\u00e9todo TestCompatibilityRecordMode, permitiendo a atacantes remotos ejecutar c\u00f3digo arbitrario mediante vectores no especificados."}], "id": "CVE-2011-1388", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-12-23T22:55:00.770", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47286"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47310"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21576352"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71694"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47286"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47310"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21576352"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71694"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}