CVE-2011-4044

An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to modify files via calls to unknown methods.

CVSS v2.0 5.8 MEDIUM

5.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:P

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257	Vendor Advisory
http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf	US Government Resource
https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:arcinfo:pcvue:8.2:::::::*
	cpe:2.3:a:arcinfo:pcvue:10.0:::::::*
	cpe:2.3:a:arcinfo:frontvue:-:::::::*
	cpe:2.3:a:arcinfo:plantvue:-:::::::*
	cpe:2.3:a:arcinfo:pcvue:6.0:::::::*
	cpe:2.3:a:arcinfo:pcvue:9.0:::::::*

Information

Published : 2012-04-02 20:44

Updated : 2012-04-02 21:00

NVD link : CVE-2011-4044

Mitre link : CVE-2011-4044

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

arcinfo

pcvue
plantvue
frontvue

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257", "name": "http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf", "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf", "tags": ["US Government Resource"], "refsource": "MISC"}, {"url": "https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440", "name": "https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440", "tags": [], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to modify files via calls to unknown methods."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-4044", "ASSIGNER": "cert@cert.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2012-04-03T03:44Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:arcinfo:pcvue:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:arcinfo:pcvue:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:arcinfo:frontvue:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:arcinfo:plantvue:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:arcinfo:pcvue:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:arcinfo:pcvue:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2012-04-03T04:00Z"}