CVE-2011-1744

EMC Captiva eInput <2.1.1.37 - Info Disclosure

Title source: llm
STIX 2.1

Description

EMC Captiva eInput 2.1.1 before 2.1.1.37 does not restrict the origin of calls to ActiveX functions, which allows remote attackers to read arbitrary files or cause a denial of service via a crafted web site.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/519010/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8319

Scores

EPSS 0.0051
EPSS Percentile 66.5%

Details

CWE
CWE-264
Status published
Products (1)
emc/captiva_einput < 2.1.1.37
Published Aug 01, 2011
Tracked Since Feb 18, 2026