FKIE_CVE-2011-10012

Vulnerability from fkie_nvd - Published: 2025-08-13 21:15 - Updated: 2025-08-14 13:11
Severity ?
8.4 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened.
References
disclosure@vulncheck.comhttps://netop.com/
disclosure@vulncheck.comhttps://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/netop.rb
disclosure@vulncheck.comhttps://web.archive.org/web/20120314075913/https://codework-systems.com/netop-remotecontrol-10-01-released/
disclosure@vulncheck.comhttps://www.exploit-db.com/exploits/17223
disclosure@vulncheck.comhttps://www.exploit-db.com/exploits/18697
disclosure@vulncheck.comhttps://www.fortiguard.com/encyclopedia/ips/27765/netop-remote-control-dws-file-handling-buffer-overflow
disclosure@vulncheck.comhttps://www.vulncheck.com/advisories/netop-remote-control-client-dws-file-buffer-overflow
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened."
    },
    {
      "lang": "es",
      "value": "El cliente de control remoto NetOp (ahora parte de Impero Software) v9.5 es vulnerable a un desbordamiento de b\u00fafer basado en la pila al procesar archivos de configuraci\u00f3n .dws. Si un archivo .dws contiene una cadena de m\u00e1s de 520 bytes, la aplicaci\u00f3n no realiza la comprobaci\u00f3n de los l\u00edmites correcta, lo que permite a un atacante ejecutar c\u00f3digo arbitrario al abrir el archivo."
    }
  ],
  "id": "CVE-2011-10012",
  "lastModified": "2025-08-14T13:11:53.633",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.4,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "ACTIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "disclosure@vulncheck.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-08-13T21:15:28.463",
  "references": [
    {
      "source": "disclosure@vulncheck.com",
      "url": "https://netop.com/"
    },
    {
      "source": "disclosure@vulncheck.com",
      "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/netop.rb"
    },
    {
      "source": "disclosure@vulncheck.com",
      "url": "https://web.archive.org/web/20120314075913/https://codework-systems.com/netop-remotecontrol-10-01-released/"
    },
    {
      "source": "disclosure@vulncheck.com",
      "url": "https://www.exploit-db.com/exploits/17223"
    },
    {
      "source": "disclosure@vulncheck.com",
      "url": "https://www.exploit-db.com/exploits/18697"
    },
    {
      "source": "disclosure@vulncheck.com",
      "url": "https://www.fortiguard.com/encyclopedia/ips/27765/netop-remote-control-dws-file-handling-buffer-overflow"
    },
    {
      "source": "disclosure@vulncheck.com",
      "url": "https://www.vulncheck.com/advisories/netop-remote-control-client-dws-file-buffer-overflow"
    }
  ],
  "sourceIdentifier": "disclosure@vulncheck.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "disclosure@vulncheck.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.