Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 up to and including 7.42; and other products, allow remote malicious users to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ge intelligent platforms proficy historian 3.5 |
||
ge intelligent platforms proficy historian 4.0 |
||
ge intelligent platforms proficy historian 4.5 |
||
ge intelligent platforms proficy hmi\\/scada ifix 5.0 |
||
emc captiva quickscan pro 4.6 |
||
ge intelligent platforms proficy batch execution 5.6 |
||
ge intelligent platforms si7 i\\/o driver 7.42 |
||
ge intelligent platforms proficy pulse 1.0 |
||
emc documentum applicationxtender desktop 5.4 |
||
ge intelligent platforms proficy historian 3.1 |
||
ge intelligent platforms proficy hmi\\/scada ifix 5.1 |
||
ge intelligent platforms si7 i\\/o driver 7.20 |