Integer Overflow Vulnerability in ARC Informatique's SVUIGrd.ocx Control
CVE-2011-4043

Currently unrated

Key Information:

Vendor

Arcinfo

Status
Pcvue
Frontvue
Plantvue
Vendor
CVE Published:
3 April 2012

What is CVE-2011-4043?

An integer overflow vulnerability exists in the SVUIGrd.ocx ActiveX control used by ARC Informatique products, including PcVue, FrontVue, and PlantVue. This imperfection enables remote attackers to exploit the flaw by providing a large value for an integer parameter. The result can lead to a buffer overflow, allowing the execution of arbitrary code on systems that utilize these applications, thereby compromising system integrity and safety.

References

http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01...
x_refsource_MISC
http://www.pcvuesolutions.com/index.php?option=com_conten...
x_refsource_CONFIRM
https://support.pcvuescada.com/index.php?option=com_k2&vi...
x_refsource_CONFIRM

EPSS Score

31% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.