CVE-2012-4700
published 2013-02-08CVE-2012-4700: Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute…
PriorityP347critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
3.77%
88.6th percentile
Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute arbitrary code via a crafted HTML document.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ecava | integraxor | <= 4.00 | — |
| ecava | integraxor | — | — |
| ecava | integraxor | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-j557-gjcq-3h5h: Multiple buffer overflows in an ActiveX control in PE3DO32A
ghsa_unreviewed·2022-05-17
CVE-2012-4700 [HIGH] CWE-119 GHSA-j557-gjcq-3h5h: Multiple buffer overflows in an ActiveX control in PE3DO32A
Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute arbitrary code via a crafted HTML document.
CISA ICS
Ecava IntegraXor ActiveX Buffer Overflow
cisa_ics·2015-01-29
Ecava IntegraXor ActiveX Buffer Overflow
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Ecava IntegraXor ActiveX Buffer Overflow
Last RevisedJanuary 29, 2015
Alert CodeICSA-13-036-02
## Overview
This advisory provides mitigation details for a vulnerability that impacts the Ecava IntegraXor application. Independent researcher Andrew Brooks has identified a buffer overflow vulnerability in Ecava’s IntegraXor application.
Ecava has produced a patch that mitigates this vulnerability. The researcher has tested the patch to validate that it resolves this vulnerability.
Exploitation of this vulnerability would allow an attacker to execute arbitrary code or cause a denia
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2013-02-08
Published