CVE

Id
51406  
CVE No.
CVE-2011-3494  
Status
Candidate  
Description
WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or (2) a long Font->FaceName field (aka FaceName element), which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.  
Phase
Assigned (20110916)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
553705 51406 CVE-2011-3494 MISC:http://aluigi.altervista.org/adv/esignal_1-adv.txt  View
553706 51406 CVE-2011-3494 SECUNIA:45966  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
32036 JVNDB-2011-002276 Progea Movicon / PowerHMI におけるサービス運用妨害 (メモリ破損およびクラッシュ) の脆弱性 Progea Movicon / PowerHMI には、サービス運用妨害 (メモリ破損およびクラッシュ) 状態となる、および任意のコードを実行される脆弱性が存在します。 CVE-2011-3499 51406 10 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002276.html  View