CVE-2011-4043
published 2012-04-03CVE-2011-4043: Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to…
PriorityP352critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
7.44%
93.7th percentile
Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arcinfo | pcvue | — | — |
| arcinfo | pcvue | — | — |
| arcinfo | pcvue | — | — |
| arcinfo | pcvue | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities
cisa_ics·2018-09-06
ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities
Last RevisedSeptember 06, 2018
Alert CodeICSA-11-340-01
## Overview
This Advisory is a follow-up to the Alert, “ICS-ALERT-11-271-01 - ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities.”
ICS-CERT is aware of publicly and privately disclosed reports of four vulnerabilities in ARC Informatique’s PcVue application. These vulnerabilities include:
- potential to write memory
- possible file corruption
- remote code execution
- denial of service.
Independent researcher Kuang-Chun Hung of Security Research and Service
GHSA
GHSA-jvg8-6hmq-jwx2: Integer overflow in an unspecified ActiveX control in SVUIGrd
ghsa_unreviewed·2022-05-17
CVE-2011-4043 [HIGH] GHSA-jvg8-6hmq-jwx2: Integer overflow in an unspecified ActiveX control in SVUIGrd
Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow.
No detection rules found.
No writeups or analysis indexed.
http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdfhttps://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdfhttps://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440
2012-04-03
Published