CVE-2012-2515
Published Jul 5, 2012
Last updated 12 years ago
Overview
- Description
- Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:captiva_quickscan_pro:4.6:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B464AC4-7766-47DB-AE36-1E26D244EC67"
},
{
"criteria": "cpe:2.3:a:emc:documentum_applicationxtender_desktop:5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A361D413-79A2-492B-A675-7A40023BC0D7"
},
{
"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_batch_execution:5.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D91A768-D643-4601-B11D-2C5FB60B8566"
},
{
"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "612B7F05-3C6D-43CA-8D6C-F0A887789EF5"
},
{
"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D29C00B-B754-47C5-BBD0-D63DDD252DA6"
},
{
"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BC9F852-EA9A-497D-9ED2-DAF926D0440A"
},
{
"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C8C84F4-699E-4D77-AF36-19DF28AE16CC"
},
{
"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_ifix:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65A4CBC3-3B98-4700-8710-4D4FFCA55315"
},
{
"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_ifix:5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5ABA340B-B00B-41EC-8270-68139B63D09A"
},
{
"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_pulse:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "738ACF30-4F1A-44C6-9A97-46F5566ACC05"
},
{
"criteria": "cpe:2.3:a:ge:intelligent_platforms_si7_i\\/o_driver:7.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "641F3A0F-9E07-413D-869C-8E123636DD0A"
},
{
"criteria": "cpe:2.3:a:ge:intelligent_platforms_si7_i\\/o_driver:7.42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA786450-C420-420A-9C5E-49D408B6B3C2"
}
],
"operator": "OR"
}
]
}
]