CVE-2011-3494 : WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a d

WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or (2) a long Font->FaceName field (aka FaceName element), which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.

Published 2011-09-16 14:28:13

Updated 2025-04-11 00:51:22

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute codeDenial of service

Products affected by CVE-2011-3494

Interactivedata » Esignal
Versions up to, including, (<=) 10.6.2425
cpe:2.3:a:interactivedata:esignal:*:*:*:*:*:*:*:*
Matching versions
Interactivedata » Esignal » Version: 10.6
cpe:2.3:a:interactivedata:esignal:10.6:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2011-3494

EPSS FAQ

77.72%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 99 %

Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2011-3494

eSignal and eSignal Pro File Parsing Buffer Overflow in QUO

Disclosure Date: 2011-09-06

First seen: 2020-04-26

exploit/windows/fileformat/esignal_styletemplate_bof

The software is unable to handle the "<StyleTemplate>" files (even those original included in the program) like those with the registered extensions QUO, SUM and POR. Successful exploitation of this vulnerability may take up to several seconds due to the use of

More information

CVSS scores for CVE-2011-3494

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2011-3494

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-3494

http://secunia.com/advisories/45966

Sign in
Vendor Advisory

CVEs referencing this url
http://aluigi.altervista.org/adv/esignal_1-adv.txt

Exploit

Jump to