CVE-2011-3503 : Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows local users, and poss

Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse JRS_UT.dll that is located in the same folder as a .quo (QUOTE) file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published 2011-09-16 17:26:15

Updated 2017-08-29 01:30:13

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2011-3503

Probability of exploitation activity in the next 30 days: 0.63%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 76 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2011-3503

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2011-3503

https://exchange.xforce.ibmcloud.com/vulnerabilities/69786

eSignal DLL code execution CVE-2011-3503 Vulnerability Report

Products affected by CVE-2011-3503

Interactivedata » Esignal » Version: 10.6.2425.1208
cpe:2.3:a:interactivedata:esignal:10.6.2425.1208:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2011-3503

Exploit prediction scoring system (EPSS) score for CVE-2011-3503

CVSS scores for CVE-2011-3503

References for CVE-2011-3503

Products affected by CVE-2011-3503