Main Vulnerability Database Vulnerabilities #VU43100

Buffer overflow in IntegraXor - CVE-2012-4700

Published: February 8, 2013 / Updated: August 11, 2020

Vulnerability identifier: #VU43100

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2012-4700

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Ecava

Affected software:
IntegraXor

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute arbitrary code via a crafted HTML document.

How to mitigate CVE-2012-4700

Install update from vendor's website.

Sources

http://ics-cert.us-cert.gov/pdf/ICSA-13-036-02.pdf
http://www.integraxor.com/blog/security-issue-for-activex-enabled-browser-vulnerability-note

Buffer overflow in IntegraXor - CVE-2012-4700

Detailed vulnerability description

How to mitigate CVE-2012-4700

Sources

Please verify you're human