CVE-2011-1392

Name of the Vulnerable Software and Affected Versions Blueberry BB FlashBack versions prior to 7.6.1 IBM Rational Rhapsody versions prior to 7.6.1

Description The issue concerns the Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll, which is used in IBM Rational Rhapsody and other products. It does not properly implement certain methods, including Start, PauseAndSave, InsertMarker, and InsertSoundToFBRAtMarker, allowing remote attackers to execute arbitrary code.

Recommendations For Blueberry BB FlashBack versions prior to 7.6.1, update to version 7.6.1 or later. For IBM Rational Rhapsody versions prior to 7.6.1, update to version 7.6.1 or later. As a temporary workaround, consider disabling the Start, PauseAndSave, InsertMarker, and InsertSoundToFBRAtMarker methods in the Blueberry FlashBack ActiveX control until a patch is available.