Vulnerabilities > CVE-2011-4043 - Numeric Errors vulnerability in Arcinfo Frontvue, Pcvue and Plantvue

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
arcinfo
CWE-189
critical
exploit available
NVD
Published: 2012-04-03
Updated: 2012-04-03

Summary

Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow.

Vulnerable Configurations

Part Description Count
Application
Arcinfo
6

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionPcVue <= 10.0 - Multiple Vulnerabilities. CVE-2011-4042,CVE-2011-4043,CVE-2011-4044,CVE-2011-4045. Dos exploit for windows platform
idEDB-ID:17896
last seen2016-02-02
modified2011-09-27
published2011-09-27
reporterLuigi Auriemma
sourcehttps://www.exploit-db.com/download/17896/
titlePcVue <= 10.0 - Multiple Vulnerabilities

Seebug

bulletinFamilyexploit
descriptionCVE ID: CVE-2011-4042,CVE-2011-4043,CVE-2011-4044,CVE-2011-4045 ARC Informatique是开发人机接口、监控和数据捕获(HMI/SCADA)软件的法国公司。 多个Arc Informatique产品在实现上存在多个安全漏洞,可被恶意用户利用操作某些数据并控制用户系统。 1)处理"SaveObject()"和"LoadObject()"方法(SVUIGrd.ocx)时存在的错误可被利用通过特制的"aStream"参数执行虚拟函数调用任意内存位置; 2)"GetExtendedColor()"方法(SVUIGrd.ocx)中的错误可被利用破坏内存; 3)"SaveObject()"方法(SVUIGrd.ocx)中的错误可通过目录遍历序列覆盖任意文件; 4)处理"DeletePage()"方法(aipgctl.ocx)时的错误可被利用执行虚拟函数调用任意内存位置。 0 ARC Informatique FrontVue ARC Informatique PcVue 10.x ARC Informatique PcVue 6.x ARC Informatique PcVue 7.x ARC Informatique PcVue 8.x ARC Informatique PcVue 9.x ARC Informatique PlantVue 厂商补丁: ARC Informatique ---------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.arcinfo.com/index.php?lang=en
idSSV:26071
last seen2017-11-19
modified2011-12-16
published2011-12-16
reporterRoot
titleArc Informatique产品多个ActiveX控件漏洞

References