Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-9yp4-zatm-6qea
Summary
Aliases
0
alias CVE-2011-2404
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2404
reference_id
reference_type
scores
0
value 0.80079
scoring_system epss
scoring_elements 0.99138
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2404
1
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17697.rb
reference_id CVE-2011-2404;OSVDB-74510
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17697.rb
2
reference_url http://www.zerodayinitiative.com/advisories/ZDI-11-261/
reference_id CVE-2011-2404;OSVDB-74510
reference_type exploit
scores
url http://www.zerodayinitiative.com/advisories/ZDI-11-261/
Weaknesses
Exploits
0
date_added null
description 
This module allows remote attackers to place arbitrary files on a users file
          system by abusing via Directory Traversal attack the "saveXML" method from the
          "XMLSimpleAccessor" class in the HP Easy Printer HPTicketMgr.dll ActiveX Control
          (HPTicketMgr.dll 2.7.2.0).

          Code execution can be achieved by first uploading the payload to the remote
          machine embeddeding a vbs file, and then upload another mof file, which enables Windows
          Management Instrumentation service to execute the vbs. Please note that this
          module currently only works for Windows before Vista.
required_action null
due_date null
notes 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
known_ransomware_campaign_use false
source_date_published 2011-08-16
exploit_type null
platform Windows
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/browser/hp_easy_printer_care_xmlsimpleaccessor.rb
1
date_added 2011-08-20
description HP Easy Printer Care - XMLSimpleAccessor Class ActiveX Control Remote Code Execution (Metasploit)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2011-08-20
exploit_type remote
platform windows
source_date_updated 2011-08-20
data_source Exploit-DB
source_url http://www.zerodayinitiative.com/advisories/ZDI-11-261/
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-9yp4-zatm-6qea