Ecava IntegraXor igcom.dll Traversal Arbitrary File Overwrite

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a SCADA application that is
affected by a directory traversal vulnerability.

Description :

The version of IntegraXor installed on the remote host is earlier
than 3.71 (Build 4200). As such, it is reportedly affected by a
directory traversal vulnerability in the ActiveX file 'igcom.dll'. User-
supplied input is not properly validated and can allow an attacker
to overwrite arbitrary files.

Solution :

Upgrade to version 3.71.4200.0 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: SCADA

Nessus Plugin ID: 59325 ()

Bugtraq ID: 52763

CVE ID: CVE-2012-0246