Unrated severityNVD Advisory· Published May 5, 2011· Updated Apr 29, 2026

CVE-2011-1207

Description

The ActiveBar1 ActiveX control in the Data Dynamics ActiveBar ActiveX controls, as distributed in ActBar.ocx 1.0.6.5 in IBM Rational System Architect 11.4.0.2, 11.4.0.1, and earlier, does not properly restrict the SetLayoutData method, which allows remote attackers to execute arbitrary code via a crafted Data argument, a different vulnerability than CVE-2007-3883. NOTE: some of these details are obtained from third party information.

Affected products

IBM/Rational System Architect8 versions
cpe:2.3:a:ibm:rational_system_architect:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:ibm:rational_system_architect:*:*:*:*:*:*:*:*range: <=11.4.0.2
- cpe:2.3:a:ibm:rational_system_architect:11.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_system_architect:11.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_system_architect:11.3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_system_architect:11.3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_system_architect:11.3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_system_architect:11.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_system_architect:11.4.0.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ibm.com/support/docview.wssnvdPatchVendor Advisory
secunia.com/advisories/43399nvdVendor Advisory
secunia.com/advisories/43474nvdVendor Advisory
securitytracker.com/idnvdThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/47643nvdThird Party AdvisoryVDB Entry
www.vupen.com/english/advisories/2011/1129nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000