Buffer overflow in Cytel Inc. Studio

CVE-2011-10015

Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY3 file. The vulnerability occurs when the application copies user-controlled strings into a fixed-size stack buffer (25…

Vulnerability class: Buffer Overflow

EPSS: 0.004 (31.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2011-10015?
CVE-2011-10015 is a vulnerability in Cytel Inc. Studio, classified under Stack-based Buffer Overflow. Published 2025-08-13.
Is CVE-2011-10015 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.