CVE-2011-4039
https://notcve.org/view.php?id=CVE-2011-4039
Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a "write access violation." Invensys Wonderware HMI Reports v3.42.835.0304 y anteriores, como el usado en Ocean Data Systems Dream Report anteriores a v4.0 y otros productos permiten a atacantes remotos asistidos por usuarios, ejecutar código de su elección mediante un fichero defectuoso que provocará una "write access violation.". • http://secunia.com/advisories/47742 http://secunia.com/advisories/47933 http://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf http://www.us-cert.gov/control_systems/pdf/ICSA-12-039-01.pdf • CWE-264: Permissions, Privileges, and Access Controls •