+2449 days 🔍 Sources info edit Vendor: Nessus Name: KeyWorks KeyHelp ActiveX Control Multiple VulnerabilitiesĮxploit-DB: 🔍 Threat Intelligence info edit Interest: 🔍Īctive APT Groups: 🔍 Countermeasures info edit Recommended: no mitigation known
Technical details and a public exploit are known. The exploitation doesn't require any form of authentication. It is possible to launch the attack remotely. This vulnerability is traded as CVE-2012-2515 since. The weakness was released with Nine Situations Group (Website).
#EMC CAPTIVA QUICKSCAN PRO 4.5 DRIVER#
Multiple stack-based buffer overflows in the KeyHelp.Ke圜trl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4 EMC Captiva Quickscan Pro 4.6 SP1 GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5 GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1 GE Intelligent Platforms Proficy Pulse 1.0 GE Intelligent Platforms Proficy Batch Execution 5.6 GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42 and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method.
This is going to have an impact on confidentiality, integrity, and availability. The manipulation of the argument second with an unknown input leads to a memory corruption vulnerability. Affected is an unknown code block of the file KeyHelp.ocx of the component ActiveX Control. A high score indicates an elevated risk to be targeted for this vulnerability.Ī vulnerability was found in GE Intelligent Platforms Proficy Historian up to 4.5. The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time. Our Cyber Threat Intelligence team is monitoring different web sites, mailing lists, exploit markets and social media networks.
0 kommentar(er)
