CVE-2011-0323 : Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions befo

Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allows remote attackers to execute arbitrary code by calling the exposed unsafe (1) SetLogFilePath and (2) SigMessage methods to create arbitrary files with arbitrary content.

Published 2011-02-07 21:00:15

Updated 2025-04-11 00:51:22

Source Flexera Software LLC

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2011-0323

Topazsystems » Sigplus Pro Activex Control » Version: 3.95
cpe:2.3:a:topazsystems:sigplus_pro_activex_control:3.95:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2011-0323

EPSS FAQ

2.01%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 82 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2011-0323

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2011-0323

http://secunia.com/secunia_research/2011-1/

Secunia Research Advisories | Flexera
Vendor Advisory
http://secunia.com/advisories/42800

Sign in
Vendor Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/65117

SigPlus Pro ActiveX control SigMessage() file overwrite CVE-2011-0323 Vulnerability Report
http://www.securityfocus.com/bid/46128

SigPlus Pro ActiveX Control Multiple Vulnerabilities

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2011-0323

Products affected by CVE-2011-0323

Exploit prediction scoring system (EPSS) score for CVE-2011-0323

CVSS scores for CVE-2011-0323

References for CVE-2011-0323