MidnightBSD

Advisories for arcinfo

CVE-2011-4042 HIGH

An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
arcinfo frontvue *
arcinfo pcvue 6.0
arcinfo pcvue 8.2
arcinfo pcvue 10.0
arcinfo pcvue 9.0
arcinfo plantvue *
CVE-2011-4043 HIGH

Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
arcinfo pcvue 6.0
arcinfo pcvue 8.2
arcinfo pcvue 10.0
arcinfo frontvue -
arcinfo plantvue -
arcinfo pcvue 9.0
CVE-2011-4044 MEDIUM

An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to modify files via calls to unknown methods.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
arcinfo pcvue 6.0
arcinfo pcvue 8.2
arcinfo pcvue 10.0
arcinfo frontvue -
arcinfo plantvue -
arcinfo pcvue 9.0
CVE-2011-4045 MEDIUM

Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
arcinfo pcvue 6.0
arcinfo pcvue 8.2
arcinfo pcvue 10.0
arcinfo frontvue -
arcinfo plantvue -
arcinfo pcvue 9.0