CVSS: 9.3EPSS: 95%CPEs: 12EXPL: 2CVE-2012-2515
https://notcve.org/view.php?id=CVE-2012-2515
Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method. Múltiples desbordamientos de búfer en el control ActiveX KeyHelp.KeyCtrl.1 en KeyHelp.ocx v1.2.312 en KeyWorks KeyHelp Module (también conocido como el componente HTML Help), tal como se utiliza en EMC Documentum ApplicationXtender Desktop v5.4; EMC Captiva Quickscan Pro v4.6 SP1; GE Intelligent Platforms Proficy Historian v3.1, v3.5, v4.0 y v4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX v5.0 y v5.1; Proficy Pulse v1,0; Proficy Batch Execution v5,6, SI7 ??E/S Driverv 7.20 hasta 7.42, y otros productos, permite a atacantes remotos ejecutar código de su elección a través de una larga cadena en el segundo argumento del método (1) JumpMappedID o (2) JumpURL. • http://retrogod.altervista.org/9sg_emc_keyhelp.html http://secunia.com/advisories/36905 http://secunia.com/advisories/36914 http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf http://www.securityfocus.com/bid/36546 http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf http://www.vupen.com/english/advisories/2009/2793 http://www.vupen.com/english/advisories& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 15%CPEs: 1EXPL: 0CVE-2008-3684 – EMC ApplicationXtender Workflow Server Admin Agent Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-3684
Heap-based buffer overflow in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to execute arbitrary code via crafted packet data to TCP port 2606. Desbordamiento de búfer basado en pila en el servicio Admin Agent en el servidor en EMC Documentum ApplicationXtender Workflow, posiblemente v5.40 SP1 y anteriores, permite a atacantes remotos ejecutar código arbitrario a través de paquete de datos manipulado al puerto 2606. This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of EMC ApplicationXtender Workflow Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Admin Agent service (aws_tmxn.exe) which listens by default on TCP port 2606. The process receives network packet data into a static heap buffer. • http://secunia.com/advisories/37070 http://www.zerodayinitiative.com/advisories/ZDI-08-096 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 0CVE-2008-3685 – EMC ApplicationXtender Workflow Server Admin Agent Arbitrary File Upload Vulnerability
https://notcve.org/view.php?id=CVE-2008-3685
Directory traversal vulnerability in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to upload arbitrary files, and execute arbitrary code, via directory traversal sequences in requests to TCP port 2606. Vulnerabilidad de salto de directorio en aws_tmxn.exe en el servicio Admin Agent en el servidor en EMC Documentum ApplicationXtender Workflow, posiblemente v5.40 SP1 y anteriores, permite a atacantes remotos subir ficheros arbitrarios y ejecutar código de forma arbitraria a través de secuencias de salto de directorio en peticiones al puerto TCP 2606. This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of EMC ApplicationXtender Workflow Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Admin Agent service (aws_tmxn.exe) which listens by default on TCP port 2606. The process exposes functionality to upload arbitrary files to the remote system. • http://secunia.com/advisories/37070 http://www.zerodayinitiative.com/advisories/ZDI-08-095 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •