Vulnerability Description
An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Arcinfo | Frontvue | All versions |
| Arcinfo | Pcvue | 6.0 |
| Arcinfo | Plantvue | All versions |
References
- http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&IVendor Advisory
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdfUS Government Resource
- https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=4
- http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&IVendor Advisory
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdfUS Government Resource
- https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=4
FAQ
What is CVE-2011-4042?
CVE-2011-4042 is a vulnerability with a CVSS score of 9.3 (HIGH). An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to o...
How severe is CVE-2011-4042?
CVE-2011-4042 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-4042?
Check the references section above for vendor advisories and patch information. Affected products include: Arcinfo Frontvue, Arcinfo Pcvue, Arcinfo Plantvue.