First published: Thu Jul 05 2012(Updated: )
Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
EMC Captiva Quickscan Pro | =4.6-sp1 | |
EMC Documentum ApplicationXtender Desktop | =5.4 | |
GE Intelligent Platforms Proficy Batch Execution | =5.6 | |
GE Intelligent Platforms Proficy Historian | =3.1 | |
GE Intelligent Platforms Proficy Historian | =3.5 | |
GE Intelligent Platforms Proficy Historian | =4.0 | |
GE Intelligent Platforms Proficy Historian | =4.5 | |
Ge Intelligent Platforms Proficy Hmi\/scada Ifix | =5.0 | |
Ge Intelligent Platforms Proficy Hmi\/scada Ifix | =5.1 | |
GE Intelligent Platforms Proficy Pulse | =1.0 | |
Ge Intelligent Platforms Si7 I\/o Driver | =7.20 | |
Ge Intelligent Platforms Si7 I\/o Driver | =7.42 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.