Vulnerability Description
Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Arcinfo | Frontvue | - |
| Arcinfo | Pcvue | 6.0 |
| Arcinfo | Plantvue | - |
Related Weaknesses (CWE)
References
- http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&IVendor Advisory
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdfUS Government Resource
- https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=4
- http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&IVendor Advisory
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdfUS Government Resource
- https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=4
FAQ
What is CVE-2011-4043?
CVE-2011-4043 is a vulnerability with a CVSS score of 9.3 (HIGH). Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value...
How severe is CVE-2011-4043?
CVE-2011-4043 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-4043?
Check the references section above for vendor advisories and patch information. Affected products include: Arcinfo Frontvue, Arcinfo Pcvue, Arcinfo Plantvue.