ARC PcVue ActiveX Control SCADA Remote Code Execution (CVE-2011-4042; CVE-2011-4043 ; CVE-2011-4044; CVE-2011-4045)

A buffer overflow vulnerability has been reported in SCADA ARC PcVue...

CVE-2011-4044

CVE-2011-4044 affects ARC Informatique PcVue (versions 6.0–10.0) with vulnerable SVUIGrd.ocx components in FrontVue/PlantVue. The flaw enables remote attackers to modify files or execute code by abusing SaveObject()/LoadObject() method handling, via a crafted aStream/function-pointer overwrite vu...

KLA10292 Multiple vulnerabilities in PcVue

Multiple critical vulnerabilities have been found in PcVue. Malicious users can exploit these vulnerabilities to execute arbitrary code, modify local files or cause denial of service. Below is a complete list of vulnerabilities 1. Unspecified vectors can be exploited remotely; 2. A buffer overflo...

Arc Informatique产品多个ActiveX控件漏洞

CVE ID: CVE-2011-4042,CVE-2011-4043,CVE-2011-4044,CVE-2011-4045 ARC Informatique是开发人机接口、监控和数据捕获HMI/SCADA软件的法国公司。 多个Arc Informatique产品在实现上存在多个安全漏洞，可被恶意用户利用操作某些数据并控制用户系统。 1）处理"SaveObject"和"LoadObject"方法SVUIGrd.ocx时存在的错误可被利用通过特制的"aStream"参数执行虚拟函数调用任意内存位置； 2）"GetExtendedColor"方法SVUIGrd.ocx中的错误可被利用破坏内...

CVE-2011-4044

creationtimestamp| type| source ---|---|--- 2011-09-27 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/17896 2011-10-12 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/17975 2018-05-29 15:50:33+00:00| seen|...