Vulnerabilities > Interactivedata > Esignal > 10.6.2425
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-09-16 | CVE-2011-3494 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Interactivedata Esignal 10.6/10.6.2425 WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or (2) a long Font->FaceName field (aka FaceName element), which triggers a heap-based buffer overflow. | 10.0 |