CVSS: 9.3EPSS: 95%CPEs: 12EXPL: 2CVE-2012-2515
https://notcve.org/view.php?id=CVE-2012-2515
Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method. Múltiples desbordamientos de búfer en el control ActiveX KeyHelp.KeyCtrl.1 en KeyHelp.ocx v1.2.312 en KeyWorks KeyHelp Module (también conocido como el componente HTML Help), tal como se utiliza en EMC Documentum ApplicationXtender Desktop v5.4; EMC Captiva Quickscan Pro v4.6 SP1; GE Intelligent Platforms Proficy Historian v3.1, v3.5, v4.0 y v4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX v5.0 y v5.1; Proficy Pulse v1,0; Proficy Batch Execution v5,6, SI7 ??E/S Driverv 7.20 hasta 7.42, y otros productos, permite a atacantes remotos ejecutar código de su elección a través de una larga cadena en el segundo argumento del método (1) JumpMappedID o (2) JumpURL. • http://retrogod.altervista.org/9sg_emc_keyhelp.html http://secunia.com/advisories/36905 http://secunia.com/advisories/36914 http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf http://www.securityfocus.com/bid/36546 http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf http://www.vupen.com/english/advisories/2009/2793 http://www.vupen.com/english/advisories& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 61%CPEs: 10EXPL: 1CVE-2012-2516 – GE Proficy Historian KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-2516
An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the HTML Help component), as used in GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; Proficy HMI/SCADA iFIX 5.0 and 5.1; Proficy Pulse 1.0; Proficy Batch Execution 5.6; SI7 I/O Driver 7.20 through 7.42; and other products, allows remote attackers to execute arbitrary commands via crafted input, related to a "command injection vulnerability." Un control ActiveX en KeyHelp.ocx en KeyWorks KeyHelp Module (también conocido como el componente HTML Help), tal como se utiliza en GE Intelligent Platforms Proficy Historian v3.1, v3.5, v4.0 y v4.5; Proficy HMI/SCADA iFIX v5.0 y v5.1; Proficy Pulse v1,0; Proficy Batch Execution v5,6, SI7 ??E/S Driverv 7.20 hasta 7.42, y otros productos, permite a atacantes remotos ejecutar comandos arbitrarios a través de la entrada hecha a mano, relacionada con una "vulnerabilidad de inyección de comandos." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE Proficy Historian. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the KeyHelp.ocx ActiveX control. • https://www.exploit-db.com/exploits/21888 http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 22%CPEs: 8EXPL: 0CVE-2012-0229 – GE Proficy Historian ihDataArchiver.exe Multiple Opcode Parsing Remote Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-0229
The Data Archiver service in GE Intelligent Platforms Proficy Historian 4.5 and earlier allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted session on TCP port 14000 to (1) ihDataArchiver.exe or (2) ihDataArchiver_x64.exe. El servicio Data Archiver service en GE Intelligent Platforms Proficy Historian v4.5 y anteriores permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente ejecutar código a través de una sesión TCP manipulada en el puerto 14000 sobre (1) ihDataArchiver.exe o (2) ihDataArchiver_x64.exe. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE iFix. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ihDataArchiver.exe process which listens by default on TCP port 14000. Several errors are present in the code responsible for parsing data from the network. • http://secunia.com/advisories/48369 http://support.ge-ip.com/support/index?page=kbchannel&id=S:KB14767 http://www.securityfocus.com/bid/52437 http://www.us-cert.gov/control_systems/pdf/ICSA-12-032-01.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2011-3320
https://notcve.org/view.php?id=CVE-2011-3320
Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el componente Web Administrator en GE Intelligent Platforms Proficy Historian v4.x y anteriores, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro no especificados. • http://www.securityfocus.com/bid/50473 http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-02.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 17%CPEs: 2EXPL: 0CVE-2011-1918 – GE Proficy Historian ihDataArchiver.exe Trusted Header Size Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1918
Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x before 4.0 SIM 12 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic. Desbordamiento de buffer de pila en el servicio "Data Archiver" de GE Intelligent Platforms Proficy Historian en versiones anteriores a la 3.5 SIM 17 y 4.x anteriores a 4.0 SIM 12. Permite a atacantes remotos provocar una denegación de servicio (caída del demonio) o posiblemente ejecutar código arbitrario a través de tráfico TCP modificado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE Proficy Historian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ihDataArchiver.exe process which listens by default on TCP port 14000. • http://ics-cert.us-cert.gov/advisories/ICSA-11-243-03A http://www.securityfocus.com/bid/50475 http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-03.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •