Vulnerability Details CVE-2011-4042
An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.296
EPSS Ranking 96.4%
CVSS Severity
CVSS v2 Score 9.3
References
- http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf
- https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440
- http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf
- https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440
Products affected by CVE-2011-4042
-
cpe:2.3:a:arcinfo:frontvue:*
-
cpe:2.3:a:arcinfo:pcvue:10.0
-
cpe:2.3:a:arcinfo:pcvue:6.0
-
cpe:2.3:a:arcinfo:pcvue:8.2
-
cpe:2.3:a:arcinfo:pcvue:9.0
-
cpe:2.3:a:arcinfo:plantvue:*