cvelistv5 - cve-2012-2515

CVE-2012-2515 (GCVE-0-2012-2515)

Vulnerability from cvelistv5 – Published: 2012-07-05 01:00 – Updated: 2024-09-16 17:37

Summary

Severity ?

No CVSS data available.

CWE

Assigner

icscert

References

URL

Tags

	http://www.vupen.com/english/advisories/2009/2795	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2009/2793	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/36546	vdb-entryx_refsource_BID
	http://support.ge-ip.com/support/resources/sites/…	x_refsource_CONFIRM
	http://secunia.com/advisories/36914	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/36905	third-party-advisoryx_refsource_SECUNIA
	http://www.us-cert.gov/control_systems/pdf/ICSA-1…	x_refsource_MISC
	http://retrogod.altervista.org/9sg_emc_keyhelp.html	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:34:25.874Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-2795",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2795"
          },
          {
            "name": "ADV-2009-2793",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2793"
          },
          {
            "name": "36546",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36546"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf"
          },
          {
            "name": "36914",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36914"
          },
          {
            "name": "36905",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36905"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://retrogod.altervista.org/9sg_emc_keyhelp.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-07-05T01:00:00Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "name": "ADV-2009-2795",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2795"
        },
        {
          "name": "ADV-2009-2793",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2793"
        },
        {
          "name": "36546",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36546"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf"
        },
        {
          "name": "36914",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36914"
        },
        {
          "name": "36905",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36905"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://retrogod.altervista.org/9sg_emc_keyhelp.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2012-2515",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-2795",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2795"
            },
            {
              "name": "ADV-2009-2793",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2793"
            },
            {
              "name": "36546",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36546"
            },
            {
              "name": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf",
              "refsource": "CONFIRM",
              "url": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf"
            },
            {
              "name": "36914",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36914"
            },
            {
              "name": "36905",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36905"
            },
            {
              "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf",
              "refsource": "MISC",
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf"
            },
            {
              "name": "http://retrogod.altervista.org/9sg_emc_keyhelp.html",
              "refsource": "MISC",
              "url": "http://retrogod.altervista.org/9sg_emc_keyhelp.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2012-2515",
    "datePublished": "2012-07-05T01:00:00Z",
    "dateReserved": "2012-05-07T00:00:00Z",
    "dateUpdated": "2024-09-16T17:37:55.554Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emc:captiva_quickscan_pro:4.6:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B464AC4-7766-47DB-AE36-1E26D244EC67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emc:documentum_applicationxtender_desktop:5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A361D413-79A2-492B-A675-7A40023BC0D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ge:intelligent_platforms_proficy_batch_execution:5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D91A768-D643-4601-B11D-2C5FB60B8566\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"612B7F05-3C6D-43CA-8D6C-F0A887789EF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D29C00B-B754-47C5-BBD0-D63DDD252DA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BC9F852-EA9A-497D-9ED2-DAF926D0440A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C8C84F4-699E-4D77-AF36-19DF28AE16CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\\\/scada_ifix:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65A4CBC3-3B98-4700-8710-4D4FFCA55315\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\\\/scada_ifix:5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5ABA340B-B00B-41EC-8270-68139B63D09A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ge:intelligent_platforms_proficy_pulse:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"738ACF30-4F1A-44C6-9A97-46F5566ACC05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ge:intelligent_platforms_si7_i\\\\/o_driver:7.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"641F3A0F-9E07-413D-869C-8E123636DD0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ge:intelligent_platforms_si7_i\\\\/o_driver:7.42:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA786450-C420-420A-9C5E-49D408B6B3C2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples desbordamientos de b\\u00fafer en el control ActiveX KeyHelp.KeyCtrl.1 en KeyHelp.ocx v1.2.312 en KeyWorks KeyHelp Module (tambi\\u00e9n conocido como el componente HTML Help), tal como se utiliza en EMC Documentum ApplicationXtender Desktop v5.4; EMC Captiva Quickscan Pro v4.6 SP1; GE Intelligent Platforms Proficy Historian v3.1, v3.5, v4.0 y v4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX v5.0 y v5.1; Proficy Pulse v1,0; Proficy Batch Execution v5,6, SI7 ??E/S Driverv 7.20 hasta 7.42, y otros productos, permite a atacantes remotos ejecutar c\\u00f3digo de su elecci\\u00f3n a trav\\u00e9s de una larga cadena en el segundo argumento del m\\u00e9todo (1) JumpMappedID o (2) JumpURL.\"}]",
      "id": "CVE-2012-2515",
      "lastModified": "2024-11-21T01:39:10.217",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2012-07-05T03:23:18.480",
      "references": "[{\"url\": \"http://retrogod.altervista.org/9sg_emc_keyhelp.html\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://secunia.com/advisories/36905\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/36914\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/36546\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/2793\", \"source\": \"ics-cert@hq.dhs.gov\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/2795\", \"source\": \"ics-cert@hq.dhs.gov\"}, {\"url\": \"http://retrogod.altervista.org/9sg_emc_keyhelp.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://secunia.com/advisories/36905\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/36914\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/36546\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/2793\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/2795\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-2515\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2012-07-05T03:23:18.480\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples desbordamientos de b\u00fafer en el control ActiveX KeyHelp.KeyCtrl.1 en KeyHelp.ocx v1.2.312 en KeyWorks KeyHelp Module (tambi\u00e9n conocido como el componente HTML Help), tal como se utiliza en EMC Documentum ApplicationXtender Desktop v5.4; EMC Captiva Quickscan Pro v4.6 SP1; GE Intelligent Platforms Proficy Historian v3.1, v3.5, v4.0 y v4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX v5.0 y v5.1; Proficy Pulse v1,0; Proficy Batch Execution v5,6, SI7 ??E/S Driverv 7.20 hasta 7.42, y otros productos, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una larga cadena en el segundo argumento del m\u00e9todo (1) JumpMappedID o (2) JumpURL.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emc:captiva_quickscan_pro:4.6:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B464AC4-7766-47DB-AE36-1E26D244EC67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emc:documentum_applicationxtender_desktop:5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A361D413-79A2-492B-A675-7A40023BC0D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge:intelligent_platforms_proficy_batch_execution:5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D91A768-D643-4601-B11D-2C5FB60B8566\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"612B7F05-3C6D-43CA-8D6C-F0A887789EF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D29C00B-B754-47C5-BBD0-D63DDD252DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BC9F852-EA9A-497D-9ED2-DAF926D0440A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C8C84F4-699E-4D77-AF36-19DF28AE16CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\\\/scada_ifix:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65A4CBC3-3B98-4700-8710-4D4FFCA55315\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\\\/scada_ifix:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ABA340B-B00B-41EC-8270-68139B63D09A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge:intelligent_platforms_proficy_pulse:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"738ACF30-4F1A-44C6-9A97-46F5566ACC05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge:intelligent_platforms_si7_i\\\\/o_driver:7.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"641F3A0F-9E07-413D-869C-8E123636DD0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge:intelligent_platforms_si7_i\\\\/o_driver:7.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA786450-C420-420A-9C5E-49D408B6B3C2\"}]}]}],\"references\":[{\"url\":\"http://retrogod.altervista.org/9sg_emc_keyhelp.html\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Exploit\"]},{\"url\":\"http://secunia.com/advisories/36905\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36914\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/36546\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/2793\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/2795\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"http://retrogod.altervista.org/9sg_emc_keyhelp.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://secunia.com/advisories/36905\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36914\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/36546\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/2793\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/2795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-201207-0056

Vulnerability from variot - Updated: 2023-12-18 13:04

Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method. GE Intelligent Platforms is a software and hardware product, service and expertise for users in the field of automation control and embedded. GE Proficy's multiple product KeyHelp.ocx controls fail to properly handle user-committed input, allowing attackers to perform stack-based buffer overflow attacks that can execute arbitrary code in the context of the application. KeyWorks KeyHelp Module is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Successful exploits will compromise the application and the computer. Failed attacks will cause denial-of-service conditions. ----------------------------------------------------------------------

Do you have VARM strategy implemented?

(Vulnerability Assessment Remediation Management)

If not, then implement it through the most reliable vulnerability intelligence source on the market.

Implement it through Secunia.

For more information visit: http://secunia.com/advisories/business_solutions/

Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com

TITLE: KeyWorks KeyHelp ActiveX Control Buffer Overflow Vulnerability

SECUNIA ADVISORY ID: SA36905

VERIFY ADVISORY: http://secunia.com/advisories/36905/

DESCRIPTION: pyrokinesis has discovered a vulnerability in the KeyWorks KeyHelp ActiveX control, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the KeyHelp.KeyCtrl.1 ActiveX control (KeyHelp.ocx). This can be exploited to cause a stack-based buffer overflow via an overly long argument passed to the "JumpMappedID()" or "JumpURL()" method.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in KeyHelp.ocx version 1.2.3120.0. Other versions may also be affected.

SOLUTION: Set the kill-bit for the affected ActiveX control.

PROVIDED AND/OR DISCOVERED BY: Nine:Situations:Group::pyrokinesis

ORIGINAL ADVISORY: http://retrogod.altervista.org/9sg_emc_keyhelp.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. ----------------------------------------------------------------------

Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch

TITLE: GE Intelligent Platforms Multiple Products KeyHelp ActiveX Control Two Vulnerabilities

SECUNIA ADVISORY ID: SA49728

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49728/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49728

RELEASE DATE: 2012-06-29

DISCUSS ADVISORY: http://secunia.com/advisories/49728/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/49728/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=49728

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Two vulnerabilities have been reported in multiple GE Intelligent Platforms products, which can be exploited by malicious people to compromise a user's system.

The vulnerabilities are reported in the following products: * Proficy Historian versions 4.5, 4.0, 3.5, and 3.1 * Proficy HMI/SCADA \x96 iFIX versions 5.1 and 5.0 * Proficy Pulse version 1.0 * Proficy Batch Execution version 5.6 * SI7 I/O Driver versions 7.20 through 7.42

SOLUTION: Apply patch (please see the vendor's advisory for more information).

PROVIDED AND/OR DISCOVERED BY: 2) The vendor credits Andrea Micalizzi aka rgod via ZDI

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201207-0056",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "intelligent platforms proficy historian",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge",
        "version": "3.1"
      },
      {
        "model": "intelligent platforms proficy batch execution",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge",
        "version": "5.6"
      },
      {
        "model": "intelligent platforms proficy hmi\\/scada ifix",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge",
        "version": "5.1"
      },
      {
        "model": "intelligent platforms proficy historian",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge",
        "version": "3.5"
      },
      {
        "model": "intelligent platforms si7 i\\/o driver",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge",
        "version": "7.20"
      },
      {
        "model": "intelligent platforms proficy historian",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge",
        "version": "4.5"
      },
      {
        "model": "intelligent platforms si7 i\\/o driver",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge",
        "version": "7.42"
      },
      {
        "model": "intelligent platforms proficy historian",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge",
        "version": "4.0"
      },
      {
        "model": "intelligent platforms proficy hmi\\/scada ifix",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge",
        "version": "5.0"
      },
      {
        "model": "intelligent platforms proficy pulse",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge",
        "version": "1.0"
      },
      {
        "model": "proficy historian",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "general electric",
        "version": "4.5"
      },
      {
        "model": "proficy historian",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "general electric",
        "version": "3.1"
      },
      {
        "model": "proficy historian",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "general electric",
        "version": "3.5"
      },
      {
        "model": "proficy historian",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "general electric",
        "version": "4.0"
      },
      {
        "model": "documentum applicationxtender desktop",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "emc",
        "version": "5.4"
      },
      {
        "model": "captiva quickscan pro",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "emc",
        "version": "4.6"
      },
      {
        "model": "captiva quickscan pro",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "dell emc old emc",
        "version": "4.6 sp1"
      },
      {
        "model": "documentum applicationxtender desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "dell emc old emc",
        "version": "5.4"
      },
      {
        "model": "proficy batch execution",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "general electric",
        "version": "5.6"
      },
      {
        "model": "proficy hmi/scada - ifix",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "general electric",
        "version": "5.0"
      },
      {
        "model": "proficy hmi/scada - ifix",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "general electric",
        "version": "5.1"
      },
      {
        "model": "proficy pulse",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "general electric",
        "version": "1.0"
      },
      {
        "model": "si7 i/o driver",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "general electric",
        "version": "7.20 to  7.42"
      },
      {
        "model": "proficy hmi/scada-ifix",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "general electric",
        "version": "5.0"
      },
      {
        "model": "proficy hmi/scada-ifix",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "general electric",
        "version": "5.1"
      },
      {
        "model": "electric proficy hmi/scada-ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "general",
        "version": "5.1"
      },
      {
        "model": "electric proficy hmi/scada-ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "general",
        "version": "5.0"
      },
      {
        "model": "electric proficy historian",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "general",
        "version": "4.5"
      },
      {
        "model": "electric proficy historian",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "general",
        "version": "4.0"
      },
      {
        "model": "electric proficy historian",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "general",
        "version": "3.5"
      },
      {
        "model": "electric proficy historian",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "general",
        "version": "3.1"
      },
      {
        "model": "keyhelp module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "keyworks",
        "version": "1.2.312"
      },
      {
        "model": "captiva quickscan pro sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "emc",
        "version": "4.6"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "captiva quickscan pro",
        "version": "4.6"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "documentum applicationxtender desktop",
        "version": "5.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "intelligent platforms proficy batch execution",
        "version": "5.6"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "intelligent platforms proficy historian",
        "version": "3.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "intelligent platforms proficy historian",
        "version": "3.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "intelligent platforms proficy historian",
        "version": "4.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "intelligent platforms proficy historian",
        "version": "4.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "intelligent platforms proficy hmi scada ifix",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "intelligent platforms proficy hmi scada ifix",
        "version": "5.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "intelligent platforms proficy pulse",
        "version": "1.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "intelligent platforms si7 i o driver",
        "version": "7.20"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "intelligent platforms si7 i o driver",
        "version": "7.42"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b1754968-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3421"
      },
      {
        "db": "BID",
        "id": "54215"
      },
      {
        "db": "BID",
        "id": "36546"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003013"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2515"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-522"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_ifix:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:captiva_quickscan_pro:4.6:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_batch_execution:5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_si7_i\\/o_driver:7.42:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_pulse:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:documentum_applicationxtender_desktop:5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_ifix:5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_si7_i\\/o_driver:7.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2515"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Andrea Micalizzi",
    "sources": [
      {
        "db": "BID",
        "id": "54215"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-522"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2012-2515",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2012-2515",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "b1754968-2353-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2012-2515",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201206-522",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "b1754968-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b1754968-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003013"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2515"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-522"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method. GE Intelligent Platforms is a software and hardware product, service and expertise for users in the field of automation control and embedded. GE Proficy\u0027s multiple product KeyHelp.ocx controls fail to properly handle user-committed input, allowing attackers to perform stack-based buffer overflow attacks that can execute arbitrary code in the context of the application. KeyWorks KeyHelp Module is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Successful exploits will compromise the application and the computer. Failed attacks will cause denial-of-service conditions. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nKeyWorks KeyHelp ActiveX Control Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA36905\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36905/\n\nDESCRIPTION:\npyrokinesis has discovered a vulnerability in the KeyWorks KeyHelp\nActiveX control, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nThe vulnerability is caused due to a boundary error in the\nKeyHelp.KeyCtrl.1 ActiveX control (KeyHelp.ocx). This can be\nexploited to cause a stack-based buffer overflow via an overly long\nargument passed to the \"JumpMappedID()\" or \"JumpURL()\" method. \n\nSuccessful exploitation allows execution of arbitrary code. \n\nThe vulnerability is confirmed in KeyHelp.ocx version 1.2.3120.0. \nOther versions may also be affected. \n\nSOLUTION:\nSet the kill-bit for the affected ActiveX control. \n\nPROVIDED AND/OR DISCOVERED BY:\nNine:Situations:Group::pyrokinesis\n\nORIGINAL ADVISORY:\nhttp://retrogod.altervista.org/9sg_emc_keyhelp.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nGE Intelligent Platforms Multiple Products KeyHelp ActiveX Control\nTwo Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49728\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49728/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49728\n\nRELEASE DATE:\n2012-06-29\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49728/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49728/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49728\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in multiple GE Intelligent\nPlatforms products, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nThe vulnerabilities are reported in the following products:\n* Proficy Historian versions 4.5, 4.0, 3.5, and 3.1\n* Proficy HMI/SCADA \\x96 iFIX versions 5.1 and 5.0\n* Proficy Pulse version 1.0\n* Proficy Batch Execution version 5.6\n* SI7 I/O Driver versions 7.20 through 7.42\n\nSOLUTION:\nApply patch (please see the vendor\u0027s advisory for more information). \n\nPROVIDED AND/OR DISCOVERED BY:\n2) The vendor credits Andrea Micalizzi aka rgod via ZDI",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2515"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003013"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3421"
      },
      {
        "db": "BID",
        "id": "54215"
      },
      {
        "db": "BID",
        "id": "36546"
      },
      {
        "db": "IVD",
        "id": "b1754968-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "PACKETSTORM",
        "id": "81748"
      },
      {
        "db": "PACKETSTORM",
        "id": "81740"
      },
      {
        "db": "PACKETSTORM",
        "id": "114351"
      }
    ],
    "trust": 3.15
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-2515",
        "trust": 3.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-131-02",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "36546",
        "trust": 2.5
      },
      {
        "db": "SECUNIA",
        "id": "36905",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "36914",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-2795",
        "trust": 1.0
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-2793",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "54215",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3421",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-522",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003013",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "49728",
        "trust": 0.7
      },
      {
        "db": "NSFOCUS",
        "id": "19918",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "B1754968-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "81748",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "81740",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "114351",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b1754968-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3421"
      },
      {
        "db": "BID",
        "id": "54215"
      },
      {
        "db": "BID",
        "id": "36546"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003013"
      },
      {
        "db": "PACKETSTORM",
        "id": "81748"
      },
      {
        "db": "PACKETSTORM",
        "id": "81740"
      },
      {
        "db": "PACKETSTORM",
        "id": "114351"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2515"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-522"
      }
    ]
  },
  "id": "VAR-201207-0056",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "b1754968-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3421"
      }
    ],
    "trust": 1.4244474999999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b1754968-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3421"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:04:22.574000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Captiva",
        "trust": 0.8,
        "url": "http://japan.emc.com/enterprise-content-management/captiva/captiva.htm"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.ge-ip.com/"
      },
      {
        "title": "GEIP12-04",
        "trust": 0.8,
        "url": "http://support.ge-ip.com/support/resources/sites/ge_fanuc_support/content/live/kb/14000/kb14863/en_us/geip12-04%20security%20advisory%20-%20proficy%20html%20help.pdf"
      },
      {
        "title": "partner",
        "trust": 0.8,
        "url": "http://www.ge-ip.co.jp/partner.html"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.ge-ip.co.jp/"
      },
      {
        "title": "Patch for GE Proficy Product Stack Buffer Overflow Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/18408"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3421"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003013"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003013"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2515"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-131-02.pdf"
      },
      {
        "trust": 1.8,
        "url": "http://retrogod.altervista.org/9sg_emc_keyhelp.html"
      },
      {
        "trust": 1.7,
        "url": "http://support.ge-ip.com/support/resources/sites/ge_fanuc_support/content/live/kb/14000/kb14863/en_us/geip12-04%20security%20advisory%20-%20proficy%20html%20help.pdf"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/36905"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/36914"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/36546"
      },
      {
        "trust": 1.0,
        "url": "http://www.vupen.com/english/advisories/2009/2793"
      },
      {
        "trust": 1.0,
        "url": "http://www.vupen.com/english/advisories/2009/2795"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2515"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2515"
      },
      {
        "trust": 0.6,
        "url": "http://www.www.us-cert.gov/control_systems/pdf/icsa-12-131-02.pdfhttp"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/49728"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/54215"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19918"
      },
      {
        "trust": 0.3,
        "url": "http://www.keyworks.net/keyhelp.htm"
      },
      {
        "trust": 0.3,
        "url": "http://support.microsoft.com/kb/240797"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/36905/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36914/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/psi_30_beta_launch"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49728/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49728/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://support.ge-ip.com/support/index?page=kbchannel\u0026id=s:kb14863"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49728"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3421"
      },
      {
        "db": "BID",
        "id": "36546"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003013"
      },
      {
        "db": "PACKETSTORM",
        "id": "81748"
      },
      {
        "db": "PACKETSTORM",
        "id": "81740"
      },
      {
        "db": "PACKETSTORM",
        "id": "114351"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2515"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-522"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "b1754968-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3421"
      },
      {
        "db": "BID",
        "id": "54215"
      },
      {
        "db": "BID",
        "id": "36546"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003013"
      },
      {
        "db": "PACKETSTORM",
        "id": "81748"
      },
      {
        "db": "PACKETSTORM",
        "id": "81740"
      },
      {
        "db": "PACKETSTORM",
        "id": "114351"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2515"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-522"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-29T00:00:00",
        "db": "IVD",
        "id": "b1754968-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-06-29T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3421"
      },
      {
        "date": "2012-06-27T00:00:00",
        "db": "BID",
        "id": "54215"
      },
      {
        "date": "2009-09-29T00:00:00",
        "db": "BID",
        "id": "36546"
      },
      {
        "date": "2012-07-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-003013"
      },
      {
        "date": "2009-10-01T13:53:12",
        "db": "PACKETSTORM",
        "id": "81748"
      },
      {
        "date": "2009-09-30T15:12:07",
        "db": "PACKETSTORM",
        "id": "81740"
      },
      {
        "date": "2012-06-29T03:34:47",
        "db": "PACKETSTORM",
        "id": "114351"
      },
      {
        "date": "2012-07-05T03:23:18.480000",
        "db": "NVD",
        "id": "CVE-2012-2515"
      },
      {
        "date": "2012-06-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-522"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-29T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3421"
      },
      {
        "date": "2015-03-19T09:26:00",
        "db": "BID",
        "id": "54215"
      },
      {
        "date": "2015-04-13T20:02:00",
        "db": "BID",
        "id": "36546"
      },
      {
        "date": "2012-07-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-003013"
      },
      {
        "date": "2012-07-17T04:00:00",
        "db": "NVD",
        "id": "CVE-2012-2515"
      },
      {
        "date": "2012-06-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-522"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "54215"
      },
      {
        "db": "BID",
        "id": "36546"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "GE Proficy Product Stack Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "b1754968-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3421"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "b1754968-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-522"
      }
    ],
    "trust": 0.8
  }
}

GSD-2012-2515

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2012-2515

Aliases

CVE-2012-2515

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-2515",
    "description": "Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method.",
    "id": "GSD-2012-2515"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-2515"
      ],
      "details": "Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method.",
      "id": "GSD-2012-2515",
      "modified": "2023-12-13T01:20:16.412032Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2012-2515",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2009-2795",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/2795"
          },
          {
            "name": "ADV-2009-2793",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/2793"
          },
          {
            "name": "36546",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/36546"
          },
          {
            "name": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf",
            "refsource": "CONFIRM",
            "url": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf"
          },
          {
            "name": "36914",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36914"
          },
          {
            "name": "36905",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36905"
          },
          {
            "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf",
            "refsource": "MISC",
            "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf"
          },
          {
            "name": "http://retrogod.altervista.org/9sg_emc_keyhelp.html",
            "refsource": "MISC",
            "url": "http://retrogod.altervista.org/9sg_emc_keyhelp.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_ifix:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:captiva_quickscan_pro:4.6:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_batch_execution:5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_si7_i\\/o_driver:7.42:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_pulse:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:documentum_applicationxtender_desktop:5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_ifix:5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:intelligent_platforms_si7_i\\/o_driver:7.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2012-2515"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "36546",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/36546"
            },
            {
              "name": "ADV-2009-2793",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/2793"
            },
            {
              "name": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf"
            },
            {
              "name": "ADV-2009-2795",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/2795"
            },
            {
              "name": "http://retrogod.altervista.org/9sg_emc_keyhelp.html",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://retrogod.altervista.org/9sg_emc_keyhelp.html"
            },
            {
              "name": "36914",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/36914"
            },
            {
              "name": "36905",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/36905"
            },
            {
              "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf",
              "refsource": "MISC",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2012-07-17T04:00Z",
      "publishedDate": "2012-07-05T03:23Z"
    }
  }
}

ICSA-12-131-02

Vulnerability from csaf_cisa - Published: 2012-02-11 07:00 - Updated: 2025-06-05 21:50

Summary

GE Intelligent Platforms Proficy HTML Help Vulnerabilities

Notes

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation.

Recommended Practices

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.

Recommended Practices

Locate control system networks and remote devices behind firewalls and isolating them from business networks.

Recommended Practices

When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

Recommended Practices

CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-12-131-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2012/icsa-12-131-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-12-131-02 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-12-131-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
      }
    ],
    "title": "GE Intelligent Platforms Proficy HTML Help Vulnerabilities",
    "tracking": {
      "current_release_date": "2025-06-05T21:50:21.057143Z",
      "generator": {
        "date": "2025-06-05T21:50:21.057113Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-12-131-02",
      "initial_release_date": "2012-02-11T07:00:00.000000Z",
      "revision_history": [
        {
          "date": "2012-02-11T07:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Initial Publication"
        },
        {
          "date": "2025-06-05T21:50:21.057143Z",
          "legacy_version": "CSAF Conversion",
          "number": "2",
          "summary": "Advisory converted into a CSAF"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "4.5|4.0|3.5|3.1",
                "product": {
                  "name": "GE Proficy Historian: 4.5|4.0|3.5|3.1",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Proficy Historian"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "5.1|5.0",
                "product": {
                  "name": "GE Proficy HMI/SCADA \u2013 iFIX: 5.1|5.0",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Proficy HMI/SCADA \u2013 iFIX"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1.0",
                "product": {
                  "name": "GE Proficy Pulse: 1.0",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "Proficy Pulse"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "5.6",
                "product": {
                  "name": "GE Proficy Batch Execution: 5.6",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "Proficy Batch Execution"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "7.20|7.42",
                "product": {
                  "name": "GE SI7 I/O Driver: 7.20|7.42",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "SI7 I/O Driver"
          }
        ],
        "category": "vendor",
        "name": "GE"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=7.20|\u003c=7.42",
                "product": {
                  "name": "GE SI7 I/O Driver: \u003e=7.20|\u003c=7.42",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "SI7 I/O Driver"
          }
        ],
        "category": "vendor",
        "name": "GE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2012-2515",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE Intelligent Platforms recommends that the KeyHelp.ocx ActiveX control be unregistered and deleted to eliminate these vulnerabilities. GE Intelligent Platforms has recommended specific control removal instructions for each of the affected products to ensure it continues to function properly once the control is removed.  Please see GE Security Advisory GEIP12-04 at the following location: (https://ge-ip.force.com/communities/en_US/Article/GE-Intelligent-Platforms-Security-Advisory-GEIP12-04)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://ge-ip.force.com/communities/en_US/Article/GE-Intelligent-Platforms-Security-Advisory-GEIP12-04"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2012-2516",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the HTML Help component), as used in GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; Proficy HMI/SCADA iFIX 5.0 and 5.1; Proficy Pulse 1.0; Proficy Batch Execution 5.6; SI7 I/O Driver 7.20 through 7.42; and other products, allows remote attackers to execute arbitrary commands via crafted input, related to a \"command injection vulnerability.\"",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0006"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE Intelligent Platforms recommends that the KeyHelp.ocx ActiveX control be unregistered and deleted to eliminate these vulnerabilities. GE Intelligent Platforms has recommended specific control removal instructions for each of the affected products to ensure it continues to function properly once the control is removed.  Please see GE Security Advisory GEIP12-04 at the following location: (https://ge-ip.force.com/communities/en_US/Article/GE-Intelligent-Platforms-Security-Advisory-GEIP12-04)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006"
          ],
          "url": "https://ge-ip.force.com/communities/en_US/Article/GE-Intelligent-Platforms-Security-Advisory-GEIP12-04"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006"
          ]
        }
      ]
    }
  ]
}

GHSA-C4F6-GG76-2X9X

Vulnerability from github – Published: 2022-05-17 05:27 – Updated: 2022-05-17 05:27

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-2515"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-07-05T03:23:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method.",
  "id": "GHSA-c4f6-gg76-2x9x",
  "modified": "2022-05-17T05:27:44Z",
  "published": "2022-05-17T05:27:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2515"
    },
    {
      "type": "WEB",
      "url": "http://retrogod.altervista.org/9sg_emc_keyhelp.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36905"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36914"
    },
    {
      "type": "WEB",
      "url": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/36546"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/2793"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/2795"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2012-2515

Vulnerability from fkie_nvd - Published: 2012-07-05 03:23 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://retrogod.altervista.org/9sg_emc_keyhelp.html	Exploit
ics-cert@hq.dhs.gov	http://secunia.com/advisories/36905	Vendor Advisory
ics-cert@hq.dhs.gov	http://secunia.com/advisories/36914	Vendor Advisory
ics-cert@hq.dhs.gov	http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf	Vendor Advisory
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/36546	Exploit
ics-cert@hq.dhs.gov	http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf	US Government Resource
ics-cert@hq.dhs.gov	http://www.vupen.com/english/advisories/2009/2793
ics-cert@hq.dhs.gov	http://www.vupen.com/english/advisories/2009/2795
af854a3a-2127-422b-91ae-364da2661108	http://retrogod.altervista.org/9sg_emc_keyhelp.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36905	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36914	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36546	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/2793
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/2795

Impacted products

Vendor	Product	Version
emc	captiva_quickscan_pro	4.6
emc	documentum_applicationxtender_desktop	5.4
ge	intelligent_platforms_proficy_batch_execution	5.6
ge	intelligent_platforms_proficy_historian	3.1
ge	intelligent_platforms_proficy_historian	3.5
ge	intelligent_platforms_proficy_historian	4.0
ge	intelligent_platforms_proficy_historian	4.5
ge	intelligent_platforms_proficy_hmi\/scada_ifix	5.0
ge	intelligent_platforms_proficy_hmi\/scada_ifix	5.1
ge	intelligent_platforms_proficy_pulse	1.0
ge	intelligent_platforms_si7_i\/o_driver	7.20
ge	intelligent_platforms_si7_i\/o_driver	7.42

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:emc:captiva_quickscan_pro:4.6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "8B464AC4-7766-47DB-AE36-1E26D244EC67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:documentum_applicationxtender_desktop:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A361D413-79A2-492B-A675-7A40023BC0D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_batch_execution:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D91A768-D643-4601-B11D-2C5FB60B8566",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "612B7F05-3C6D-43CA-8D6C-F0A887789EF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D29C00B-B754-47C5-BBD0-D63DDD252DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BC9F852-EA9A-497D-9ED2-DAF926D0440A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C8C84F4-699E-4D77-AF36-19DF28AE16CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_ifix:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65A4CBC3-3B98-4700-8710-4D4FFCA55315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_ifix:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5ABA340B-B00B-41EC-8270-68139B63D09A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_pulse:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "738ACF30-4F1A-44C6-9A97-46F5566ACC05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge:intelligent_platforms_si7_i\\/o_driver:7.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "641F3A0F-9E07-413D-869C-8E123636DD0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge:intelligent_platforms_si7_i\\/o_driver:7.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA786450-C420-420A-9C5E-49D408B6B3C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer en el control ActiveX KeyHelp.KeyCtrl.1 en KeyHelp.ocx v1.2.312 en KeyWorks KeyHelp Module (tambi\u00e9n conocido como el componente HTML Help), tal como se utiliza en EMC Documentum ApplicationXtender Desktop v5.4; EMC Captiva Quickscan Pro v4.6 SP1; GE Intelligent Platforms Proficy Historian v3.1, v3.5, v4.0 y v4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX v5.0 y v5.1; Proficy Pulse v1,0; Proficy Batch Execution v5,6, SI7 ??E/S Driverv 7.20 hasta 7.42, y otros productos, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una larga cadena en el segundo argumento del m\u00e9todo (1) JumpMappedID o (2) JumpURL."
    }
  ],
  "id": "CVE-2012-2515",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-07-05T03:23:18.480",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Exploit"
      ],
      "url": "http://retrogod.altervista.org/9sg_emc_keyhelp.html"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36905"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36914"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/36546"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "http://www.vupen.com/english/advisories/2009/2793"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "http://www.vupen.com/english/advisories/2009/2795"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://retrogod.altervista.org/9sg_emc_keyhelp.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/36546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/2793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/2795"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-2515 (GCVE-0-2012-2515)

VAR-201207-0056

GSD-2012-2515

ICSA-12-131-02

GHSA-C4F6-GG76-2X9X

FKIE_CVE-2012-2515

Tags

Sightings

Nomenclature