Buffer overflow in Emc Captiva_quickscan_pro
CVE-2012-2515
Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan…
Vulnerability class: Buffer Overflow
EPSS: 0.648 (98.5th percentile) — read the EPSS interpretation.
Affected products
- Emc Captiva_quickscan_pro — versions 4.6
- Emc Documentum_applicationxtender_desktop — versions 5.4
- Ge Intelligent_platforms_proficy_batch_execution — versions 5.6
- Ge Intelligent_platforms_proficy_historian — versions 3.1, 3.5, 4.0
- Ge Intelligent_platforms_proficy_hmi\/scada_ifix — versions 5.0, 5.1
- Ge Intelligent_platforms_proficy_pulse — versions 1.0
- Ge Intelligent_platforms_si7_i\/o_driver — versions 7.20, 7.42
- N/a — versions n/a
Weakness classification (CWE)
Public proof-of-concept exploits
References
- ADV-2009-2795 (vdb-entry, x_refsource_VUPEN)
- ADV-2009-2793 (vdb-entry, x_refsource_VUPEN)
- 36546 (Exploit, vdb-entry, x_refsource_BID)
- ics-cert@hq.dhs.gov (x_refsource_CONFIRM, Vendor Advisory)
- 36914 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- 36905 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- ics-cert@hq.dhs.gov (US Government Resource, x_refsource_MISC)
- ics-cert@hq.dhs.gov (Exploit, x_refsource_MISC)
Frequently asked questions
- What is CVE-2012-2515?
- CVE-2012-2515 is a vulnerability in Emc Captiva_quickscan_pro, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-07-05.
- Is CVE-2012-2515 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.