Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the (1) Start, (2) PauseAndSave, (3) InsertMarker, and (4) InsertSoundToFBRAtMarker methods, which allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Rational Rhapsody任意代码执行漏洞
Vulnerability Description
IBM Rational Rhapsody的安装过程中存在任意代码执行漏洞。远程攻击者可利用该漏洞在用户相互交互时打开恶意网页或者恶意文件。该漏洞具体存在于BB FlashBack Recorder.dll中:Filename属性借助Start()方法可导致目录遍历攻击,PauseAndSave()借助nextfilename参数也可能导致目录遍历攻击,InsertMarker()与InsertSoundToFBRAtMarker()中的参数容易导致SQL注入漏洞,并结合前面的漏洞实现远程任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A