Vulnerability Details : CVE-2011-4044
Public exploit exists!
An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to modify files via calls to unknown methods.
Products affected by CVE-2011-4044
- cpe:2.3:a:arcinfo:pcvue:8.2:*:*:*:*:*:*:*
- cpe:2.3:a:arcinfo:pcvue:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:arcinfo:pcvue:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:arcinfo:pcvue:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:arcinfo:frontvue:-:*:*:*:*:*:*:*
- cpe:2.3:a:arcinfo:plantvue:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-4044
61.86%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2011-4044
-
PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD Vulnerability
Disclosure Date: 2011-10-05First seen: 2020-04-26exploit/windows/browser/pcvue_funcThis module exploits a function pointer control within SVUIGrd.ocx of PcVue 10.0. By setting a dword value for the SaveObject() or LoadObject(), an attacker can overwrite a function pointer and execute arbitrary code. Authors: - Luigi Auriemma - mr_me <steventhoma
CVSS scores for CVE-2011-4044
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:P |
8.6
|
4.9
|
NIST |
References for CVE-2011-4044
-
http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257
404 - Error: 404Vendor Advisory
-
https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440
Home
-
http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf
404 - File Not Found | CISAUS Government Resource
Jump to