Summary
Detail | |||
---|---|---|---|
Vendor | Interactivedata | First view | 2011-09-16 |
Product | Esignal | Last view | 2011-09-16 |
Version | Type | Application | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:interactivedata:esignal:10.6:*:*:*:*:*:*:* | 1 |
cpe:2.3:a:interactivedata:esignal:10.6.2425.1208:*:*:*:*:*:*:* | 1 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
9.3 | 2011-09-16 | CVE-2011-3503 | Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse JRS_UT.dll that is located in the same folder as a .quo (QUOTE) file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
10 | 2011-09-16 | CVE-2011-3494 | WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or (2) a long Font->FaceName field (aka FaceName element), which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
SAINT Exploits
Description | Link |
---|---|
eSignal WinSig.exe long StyleTemplate buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
75458 | eSignal JRS_UT.dll Path Subversion Arbitrary DLL Injection Code Execution |
75457 | eSignal WinSig.exe <FaceName> Tag Time and Sales File Handling Overflow |
75456 | eSignal WinSig.exe <StyleTemplate> File Handling Overflow |
OpenVAS Exploits
id | Description |
---|---|
2011-09-16 | Name : eSignal Multiple Vulnerabilities File : nvt/gb_esignal_mult_vuln.nasl |
Snort® IPS/IDS
Date | Description |
---|---|
2016-03-14 | Interactive Data eSignal stack buffer overflow attempt RuleID : 36661 - Type : FILE-OTHER - Revision : 4 |
2016-03-14 | Interactive Data eSignal stack buffer overflow attempt RuleID : 36660 - Type : FILE-OTHER - Revision : 3 |
2016-03-14 | Interactive Data eSignal stack buffer overflow attempt RuleID : 36659 - Type : FILE-OTHER - Revision : 3 |
2016-03-14 | Interactive Data eSignal stack buffer overflow attempt RuleID : 36658 - Type : FILE-OTHER - Revision : 3 |
2014-03-06 | Interactive Data eSignal stack buffer overflow attempt RuleID : 29527 - Type : FILE-OTHER - Revision : 5 |
2014-03-06 | Interactive Data eSignal stack buffer overflow attempt RuleID : 29526 - Type : FILE-OTHER - Revision : 4 |
2014-01-11 | Interactive Data eSignal stack buffer overflow attempt RuleID : 28907 - Type : FILE-OTHER - Revision : 5 |
2014-01-11 | Interactive Data eSignal stack buffer overflow attempt RuleID : 28906 - Type : FILE-OTHER - Revision : 5 |
2014-01-11 | Interactive Data eSignal stack buffer overflow attempt RuleID : 28905 - Type : FILE-OTHER - Revision : 5 |
2014-01-11 | Interactive Data eSignal stack buffer overflow attempt RuleID : 28904 - Type : FILE-OTHER - Revision : 5 |
2014-01-11 | Interactive Data eSignal stack buffer overflow attempt RuleID : 28903 - Type : FILE-OTHER - Revision : 5 |
2014-01-11 | Interactive Data eSignal stack buffer overflow attempt RuleID : 28902 - Type : FILE-OTHER - Revision : 4 |
2014-01-10 | Interactive Data eSignal stack buffer overflow attempt RuleID : 20843 - Type : FILE-OTHER - Revision : 14 |
2014-01-10 | Interactive Data eSignal stack buffer overflow attempt RuleID : 20842 - Type : FILE-OTHER - Revision : 13 |