Ecava IntegraXor < 4.00.4283 ActiveX Remote Buffer Overflow

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a SCADA application that is affected
by a buffer overflow vulnerability.

Description :

The version of IntegraXor installed on the remote host is earlier than
4.00 Build 4283. As such, it is reportedly affected by a buffer
overflow vulnerability in the ActiveX file 'PE3DO32A.ocx'. If an
attacker can trick a user on the affected host into visiting a specially
crafted web page, they may be able to leverage this issue to conduct a
denial of service (DoS) or execute arbitrary code on the host subject to
user's privileges.

See also :

http://www.nessus.org/u?063b0edb

Solution :

Upgrade to version 4.00.4283 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: SCADA

Nessus Plugin ID: 64630 ()

Bugtraq ID: 57767

CVE ID: CVE-2012-4700