Buffer overflow in Ecava Integraxor

CVE-2012-4700

Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute arbitrary code via a crafted HTML document.

Vulnerability class: Buffer Overflow

EPSS: 0.108 (93.5th percentile) — read the EPSS interpretation.

Affected products

Ecava Integraxor — versions 3.71, 3.72
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

ics-cert@hq.dhs.gov (US Government Resource, x_refsource_MISC)
ics-cert@hq.dhs.gov (x_refsource_CONFIRM, Patch, Vendor Advisory)