Buffer overflow in Cytel Inc. Studio
CVE-2011-10015
Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY3 file. The vulnerability occurs when the application copies user-controlled strings into a fixed-size stack buffer (25…
Vulnerability class: Buffer Overflow
EPSS: 0.004 (31.9th percentile) — read the EPSS interpretation.
Affected products
- Cytel Inc. Studio — versions 0
- Cytel Inc. Studio — versions 0
Weakness classification (CWE)
Public proof-of-concept exploits
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (technical-description, exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)
Frequently asked questions
- What is CVE-2011-10015?
- CVE-2011-10015 is a vulnerability in Cytel Inc. Studio, classified under Stack-based Buffer Overflow. Published 2025-08-13.
- Is CVE-2011-10015 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.