CVE-2012-2515
CRITICAL
9.3
CVSS Severity Score
Vulnerability Description
Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method.
Affected Platforms (CPE)
π¦
Emc
Captiva Quickscan Pro
= 4.6π¦
Emc
Documentum Applicationxtender Desktop
= 5.4π¦
Ge
Intelligent Platforms Proficy Batch Execution
= 5.6π¦
Ge
Intelligent Platforms Proficy Historian
= 3.1π¦
Ge
Intelligent Platforms Proficy Historian
= 3.5π¦
Ge
Intelligent Platforms Proficy Historian
= 4.0π¦
Ge
Intelligent Platforms Proficy Historian
= 4.5π¦
Ge
Intelligent Platforms Proficy Hmi\/scada Ifix
= 5.0π¦
Ge
Intelligent Platforms Proficy Hmi\/scada Ifix
= 5.1π¦
Ge
Intelligent Platforms Proficy Pulse
= 1.0π¦
Ge
Intelligent Platforms Si7 I\/o Driver
= 7.20π¦
Ge