Vulnerabilities > CVE-2011-3488 - Resource Management Errors vulnerability in Equis Metastock

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

equis

CWE-399

critical

exploit available

NVD

Published: 2011-09-16

Updated: 2012-06-28

Summary

Use-after-free vulnerability in Equis MetaStock 11 and earlier allows remote attackers to execute arbitrary code via a malformed (1) mwc chart, (2) mws chart, (3) mwt template, or (4) mwl layout.

Vulnerable Configurations

Part	Description	Count
Application	Equis Equis Metastock 8.0 Equis Metastock 9.0 Equis Metastock 9.1 Equis Metastock 9.2 Equis Metastock 10.0 Equis Metastock 10.1 Equis Metastock 11.0	7

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Exploit-Db

description	Equis MetaStock <= 11 Use After Free. CVE-2011-3488. Dos exploit for windows platform
id	EDB-ID:17836
last seen	2016-02-02
modified	2011-09-14
published	2011-09-14
reporter	Luigi Auriemma
source	https://www.exploit-db.com/download/17836/
title	Equis MetaStock <= 11 Use After Free

References

http://aluigi.altervista.org/adv/metastock_1-adv.txt