Kaspersky LabKLA10292KLA10292 Multiple vulnerabilities in PcVue
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8 High
AI Score
Confidence
High
0.314 Low
EPSS
Percentile
97.0%
Multiple critical vulnerabilities have been found in PcVue. Malicious users can exploit these vulnerabilities to execute arbitrary code, modify local files or cause denial of service. Below is a complete list of vulnerabilities
- Unspecified vectors can be exploited remotely;
- A buffer overflow can be exploited remotely via s specially designed HTML;
- An integer overflow can be exploited remotely via specially designed parameters.
Original advisories
Related products
CVE list
CVE-2011-4042 critical
CVE-2011-4045 warning
CVE-2011-4044 high
CVE-2011-4043 critical
Solution
Update to latest version
Impacts
- ACE
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
- DoS
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
- WLF
Write Local Files. Exploitation of vulnerabilities with this impact can lead to writing into some inaccessible files. Files that can be read depends on concrete program errors.
- RLF
Read Local Files. Exploitation of vulnerabilities with this impact can lead to reading some inaccessible files. Files that can be read depends on conсrete program errors.
Affected Products
- ARC Informatique PcVue versions from 6.0 to 10.0
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8 High
AI Score
Confidence
High
0.314 Low
EPSS
Percentile
97.0%