CVE-2011-10012

CVSS V2 None CVSS V3 None

Description

NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened.

Overview

CVE ID
CVE-2011-10012

Assigner
VulnCheck

Vulnerability Status
PUBLISHED

Published Version
2025-08-13T20:35:59.386Z

Last Modified Date
2025-08-13T20:37:21.655Z

Weakness Enumerations

CWE	URL
CWE-121	http://cwe.mitre.org/data/definitions/121.html

References

Reference URL	Reference Tags
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/netop.rb	exploit
https://www.exploit-db.com/exploits/17223	exploit
https://www.exploit-db.com/exploits/18697	exploit
https://www.fortiguard.com/encyclopedia/ips/27765/netop-remote-control-dws-file-handling-buffer-overflow	third-party-advisory
https://netop.com/	product
https://web.archive.org/web/20120314075913/https://codework-systems.com/netop-remotecontrol-10-01-released/	patch
https://www.vulncheck.com/advisories/netop-remote-control-client-dws-file-buffer-overflow	third-party-advisory

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2011-10012
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-10012

History

Created	Old Value	New Value	Data Type	Notes
2025-08-14 10:00:26				Added to TrackCVE