Buffer overflow in Arcinfo Frontvue

CVE-2011-4045

Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document.

Vulnerability class: Buffer Overflow

EPSS: 0.303 (96.8th percentile) — read the EPSS interpretation.

Affected products

Arcinfo Frontvue
Arcinfo Pcvue — versions 6.0, 8.2, 9.0
Arcinfo Plantvue
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cret@cert.org (US Government Resource, x_refsource_MISC)
cret@cert.org (x_refsource_CONFIRM, Vendor Advisory)
cret@cert.org (x_refsource_CONFIRM)