Vulnerabilities > Ecava > Integraxor > Critical

DATE CVE VULNERABILITY TITLE RISK
2014-09-15 CVE-2014-2375 Permissions, Privileges, and Access Controls vulnerability in Ecava Integraxor
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature.
network
low complexity
ecava CWE-264
critical
9.0
2013-02-08 CVE-2012-4700 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ecava Integraxor
Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute arbitrary code via a crafted HTML document.
network
ecava CWE-119
critical
9.3
2012-04-02 CVE-2012-0246 Path Traversal vulnerability in Ecava Integraxor
Directory traversal vulnerability in an unspecified ActiveX control in Ecava IntegraXor before 3.71.4200 allows remote attackers to execute arbitrary code via vectors involving an HTML document on the server.
network
ecava CWE-22
critical
9.3
2010-12-23 CVE-2010-4597 Buffer Errors vulnerability in Ecava Integraxor 3.5.3900.5
Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the second argument.
network
low complexity
ecava CWE-119
critical
10.0