Summary
| Detail | |||
|---|---|---|---|
| Vendor | Interactivedata | First view | 2011-09-16 |
| Product | Esignal | Last view | 2011-09-16 |
| Version | Type | Application | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:a:interactivedata:esignal:10.6:*:*:*:*:*:*:* | 1 |
| cpe:2.3:a:interactivedata:esignal:10.6.2425.1208:*:*:*:*:*:*:* | 1 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.3 | 2011-09-16 | CVE-2011-3503 | Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse JRS_UT.dll that is located in the same folder as a .quo (QUOTE) file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| 10 | 2011-09-16 | CVE-2011-3494 | WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or (2) a long Font->FaceName field (aka FaceName element), which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
SAINT Exploits
| Description | Link |
|---|---|
| eSignal WinSig.exe long StyleTemplate buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 75458 | eSignal JRS_UT.dll Path Subversion Arbitrary DLL Injection Code Execution |
| 75457 | eSignal WinSig.exe <FaceName> Tag Time and Sales File Handling Overflow |
| 75456 | eSignal WinSig.exe <StyleTemplate> File Handling Overflow |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-09-16 | Name : eSignal Multiple Vulnerabilities File : nvt/gb_esignal_mult_vuln.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-03-14 | Interactive Data eSignal stack buffer overflow attempt RuleID : 36661 - Type : FILE-OTHER - Revision : 4 |
| 2016-03-14 | Interactive Data eSignal stack buffer overflow attempt RuleID : 36660 - Type : FILE-OTHER - Revision : 3 |
| 2016-03-14 | Interactive Data eSignal stack buffer overflow attempt RuleID : 36659 - Type : FILE-OTHER - Revision : 3 |
| 2016-03-14 | Interactive Data eSignal stack buffer overflow attempt RuleID : 36658 - Type : FILE-OTHER - Revision : 3 |
| 2014-03-06 | Interactive Data eSignal stack buffer overflow attempt RuleID : 29527 - Type : FILE-OTHER - Revision : 5 |
| 2014-03-06 | Interactive Data eSignal stack buffer overflow attempt RuleID : 29526 - Type : FILE-OTHER - Revision : 4 |
| 2014-01-11 | Interactive Data eSignal stack buffer overflow attempt RuleID : 28907 - Type : FILE-OTHER - Revision : 5 |
| 2014-01-11 | Interactive Data eSignal stack buffer overflow attempt RuleID : 28906 - Type : FILE-OTHER - Revision : 5 |
| 2014-01-11 | Interactive Data eSignal stack buffer overflow attempt RuleID : 28905 - Type : FILE-OTHER - Revision : 5 |
| 2014-01-11 | Interactive Data eSignal stack buffer overflow attempt RuleID : 28904 - Type : FILE-OTHER - Revision : 5 |
| 2014-01-11 | Interactive Data eSignal stack buffer overflow attempt RuleID : 28903 - Type : FILE-OTHER - Revision : 5 |
| 2014-01-11 | Interactive Data eSignal stack buffer overflow attempt RuleID : 28902 - Type : FILE-OTHER - Revision : 4 |
| 2014-01-10 | Interactive Data eSignal stack buffer overflow attempt RuleID : 20843 - Type : FILE-OTHER - Revision : 14 |
| 2014-01-10 | Interactive Data eSignal stack buffer overflow attempt RuleID : 20842 - Type : FILE-OTHER - Revision : 13 |
