CVE-2011-2386

Name of the Vulnerable Software and Affected Versions VisiWave Site Survey versions prior to 2.1.9

Description The issue allows user-assisted remote attackers to execute arbitrary code via a file with an invalid Type property, which triggers an untrusted pointer dereference. This can occur through vws and vwr files.

Recommendations For versions prior to 2.1.9, update to version 2.1.9 or later to resolve the issue. As a temporary workaround, consider avoiding the use of vws and vwr files with invalid Type properties until a patch is applied. Restrict access to VisiWaveReport.exe to minimize the risk of exploitation.