ActiveX Control Vulnerability in ARC Informatique Products
CVE-2011-4042

Currently unrated

Key Information:

Vendor

Arcinfo

Status
Pcvue
Plantvue
Frontvue
Vendor
CVE Published:
3 April 2012

What is CVE-2011-4042?

An unspecified vulnerability exists in the ActiveX control SVUIGrd.ocx utilized by ARC Informatique's PC Vue, FrontVue, and PlantVue products. Attackers can exploit this vulnerability through a maliciously crafted HTML document, which may enable them to gain control over a function pointer, leading to arbitrary code execution on the affected system.

References

http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01...
x_refsource_MISC
http://www.pcvuesolutions.com/index.php?option=com_conten...
x_refsource_CONFIRM
https://support.pcvuescada.com/index.php?option=com_k2&vi...
x_refsource_CONFIRM

EPSS Score

29% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.