ARC PcVue ActiveX Control SCADA Remote Code Execution (CVE-2011-4042; CVE-2011-4043 ; CVE-2011-4044; CVE-2011-4045)

A buffer overflow vulnerability has been reported in SCADA ARC PcVue...

CVE-2011-4042

An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer...

CVE-2011-4042

CVE-2011-4042 describes an unspecified ActiveX control (SVUIGrd.ocx) in ARC Informatique PcVue 6.0–10.0, FrontVue, and PlantVue where remote attackers can execute arbitrary code by delivering a crafted HTML document that gains control of a function pointer. Public advisories note multiple artifac...

KLA10292 Multiple vulnerabilities in PcVue

Multiple critical vulnerabilities have been found in PcVue. Malicious users can exploit these vulnerabilities to execute arbitrary code, modify local files or cause denial of service. Below is a complete list of vulnerabilities 1. Unspecified vectors can be exploited remotely; 2. A buffer overflo...

Arc Informatique产品多个ActiveX控件漏洞

CVE ID: CVE-2011-4042,CVE-2011-4043,CVE-2011-4044,CVE-2011-4045 ARC Informatique是开发人机接口、监控和数据捕获HMI/SCADA软件的法国公司。 多个Arc Informatique产品在实现上存在多个安全漏洞，可被恶意用户利用操作某些数据并控制用户系统。 1）处理"SaveObject"和"LoadObject"方法SVUIGrd.ocx时存在的错误可被利用通过特制的"aStream"参数执行虚拟函数调用任意内存位置； 2）"GetExtendedColor"方法SVUIGrd.ocx中的错误可被利用破坏内...