#VU33119 Input validation error - CVE-2011-1761
Published: June 7, 2012 / Updated: August 4, 2020
Vulnerability identifier: #VU33119
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green
CVE-ID: CVE-2011-1761
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vulnerable software:
Software vendor:
Description
The vulnerability allows remote attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
External links
- http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060520.html
- http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
- http://secunia.com/advisories/44388
- http://secunia.com/advisories/44695
- http://secunia.com/advisories/44870
- http://secunia.com/advisories/45742
- http://secunia.com/advisories/48058
- http://ubuntu.com/usn/usn-1148-1
- http://www.debian.org/security/2012/dsa-2415
- http://www.exploit-db.com/exploits/17222
- http://www.openwall.com/lists/oss-security/2011/05/02/1
- http://www.openwall.com/lists/oss-security/2011/05/02/19
- http://www.osvdb.org/72157