Vulnerabilities > Ecava > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-09-15 | CVE-2014-2375 | Permissions, Privileges, and Access Controls vulnerability in Ecava Integraxor Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature. | 9.0 |
2013-02-08 | CVE-2012-4700 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ecava Integraxor Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute arbitrary code via a crafted HTML document. | 9.3 |
2012-04-02 | CVE-2012-0246 | Path Traversal vulnerability in Ecava Integraxor Directory traversal vulnerability in an unspecified ActiveX control in Ecava IntegraXor before 3.71.4200 allows remote attackers to execute arbitrary code via vectors involving an HTML document on the server. | 9.3 |
2010-12-23 | CVE-2010-4597 | Buffer Errors vulnerability in Ecava Integraxor 3.5.3900.5 Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the second argument. | 10.0 |