CVE-2011-4043

EUVD-2011-3995
Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
arcinfofrontvue
-
arcinfopcvue
6.0
arcinfopcvue
8.2
arcinfopcvue
9.0
arcinfopcvue
10.0
arcinfoplantvue
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257
http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf
https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440
http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257
http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf
https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440