CVE-2011-4044

An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to modify files via calls to unknown methods...

CVE-2011-4042

An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer...

PcVue <= 10.0 - Multiple Vulnerabilities

No description provided by source. Luigi Auriemma Application: PcVue http://www.arcinfo.com/index.php?option=comcontent&id=2&Itemid=151 Versions: PcVue = 10.0 SVUIGrd.ocx = 1.5.1.0 aipgctl.ocx = 1.07.3702 Platforms: Windows Bugs: A code execution in SVUIGrd.ocx Save/LoadObject B write4 in...

CVE-2011-4043

Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow...

Integer overflow

Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow...

CVE-2011-4042

CVE-2011-4042 describes an unspecified ActiveX control (SVUIGrd.ocx) in ARC Informatique PcVue 6.0–10.0, FrontVue, and PlantVue where remote attackers can execute arbitrary code by delivering a crafted HTML document that gains control of a function pointer. Public advisories note multiple artifac...

CVE-2011-4043

CVE-2011-4043 is a buffer overflow in ARC Informatique PcVue’s SVUIGrd.ocx ActiveX control. A crafted large integer input can trigger memory corruption and remote code execution. Affected products include PcVue 6.0–10.0, FrontVue, and PlantVue. Red Hat and ICS-CERT sources corroborate the vulnera...

CVE-2011-4044

CVE-2011-4044 affects ARC Informatique PcVue (versions 6.0–10.0) with vulnerable SVUIGrd.ocx components in FrontVue/PlantVue. The flaw enables remote attackers to modify files or execute code by abusing SaveObject()/LoadObject() method handling, via a crafted aStream/function-pointer overwrite vu...

Arc Informatique产品多个ActiveX控件漏洞

CVE ID: CVE-2011-4042,CVE-2011-4043,CVE-2011-4044,CVE-2011-4045 ARC Informatique是开发人机接口、监控和数据捕获HMI/SCADA软件的法国公司。 多个Arc Informatique产品在实现上存在多个安全漏洞，可被恶意用户利用操作某些数据并控制用户系统。 1）处理"SaveObject"和"LoadObject"方法SVUIGrd.ocx时存在的错误可被利用通过特制的"aStream"参数执行虚拟函数调用任意内存位置； 2）"GetExtendedColor"方法SVUIGrd.ocx中的错误可被利用破坏内...

PcVue 10.0 Function Pointer Overwrite

$Id: pcvuefunc.rb 13889 2011-10-12 10:57:31Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD Vulnerability

This module exploits a function pointer control within SVUIGrd.ocx of PcVue 10.0. By setting a dword value for the SaveObject or LoadObject, an attacker can overwrite a function pointer and execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD

Exploit for windows platform in category remote exploits $Id: pcvuefunc.rb 13889 2011-10-12 10:57:31Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...

PcVue 10.0 - Multiple Vulnerabilities

PcVue 10.0 - Multiple Vulnerabilities Luigi Auriemma Application: PcVue http://www.arcinfo.com/index.php?option=comcontent&id=2&Itemid=151 Versions: PcVue = 10.0 SVUIGrd.ocx = 1.5.1.0 aipgctl.ocx = 1.07.3702 Platforms: Windows Bugs: A code execution in SVUIGrd.ocx Save/LoadObject B write4 in...