17 matches found
CVE-2022-2569 ARC Informatique PcVue
The affected device stores sensitive information in cleartext, which may allow an authenticated user to access session data stored in the OAuth database belonging to legitimate users...
CVE-2020-26869
ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized users to access session data of legitimate users. This issue also affects third-party systems based on the Web Services Toolkit...
Deserialization of untrusted data
ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server...
Information disclosure
ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimate web clients. This issue also affects third-party systems based on the Web Services Toolkit...
CVE-2020-26867
CVE-2020-26867 concerns ARC Informatique PcVue deserialization of untrusted data, enabling remote arbitrary code execution on the web/mobile back-end server. Affected: PcVue versions prior to 12.0.17 (8.10–12.0.x). Root cause: insecure deserialization of messages on the interface. Impact: high-se...
CVE-2020-26869
ARC Informatique PcVue Information Disclosure (CVE-2020-26869): PcVue versions 8.10 up to before 12.0.17 expose session data of legitimate users to unauthorized actors via Web Services Toolkit integration. ICSA-20-308-03 confirms the vulnerability and cites a CVSS v3 base score of 7.5 (Network, L...
CVE-2020-26869 ARC Informatique PcVue Exposure of Sensitive Information to an Unauthorized Actor
ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized users to access session data of legitimate users. This issue also affects third-party systems based on the Web Services Toolkit...
CVE-2011-4045
Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document...
CVE-2011-4042
An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer...
CVE-2011-4043
Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow...
Buffer overflow
Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document...
Integer overflow
Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow...
Null pointer dereference
An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer...
CVE-2011-4042
An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer...
CVE-2011-4044
CVE-2011-4044 affects ARC Informatique PcVue (versions 6.0–10.0) with vulnerable SVUIGrd.ocx components in FrontVue/PlantVue. The flaw enables remote attackers to modify files or execute code by abusing SaveObject()/LoadObject() method handling, via a crafted aStream/function-pointer overwrite vu...
CVE-2011-4045
CVE-2011-4045 is a buffer overflow in an unspecified ActiveX control (aipgctl.ocx) used by ARC Informatique PcVue 6.0–10.0, FrontVue, and PlantVue. The vulnerability allows remote attackers to cause a denial of service via a crafted HTML document. Affected products include PcVue versions 6.x thro...
CVE-2011-4044
An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to modify files via calls to unknown methods...