CVE-2011-4042

ARC Informatique PcVue 6.0-10.0 - Remote Code Execution via SVUIGrd.ocx ActiveX Control

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4042.

AI-analyzed exploit summary This is a detailed technical analysis of multiple vulnerabilities in PcVue SCADA software, including code execution, memory corruption, and file manipulation flaws in ActiveX components. The writeup includes disassembly snippets and exploitation details but does not contain functional exploit code.

Description

An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer.

Exploits (1)

exploitdb WRITEUP
doswindows
https://www.exploit-db.com/exploits/17896

This is a detailed technical analysis of multiple vulnerabilities in PcVue SCADA software, including code execution, memory corruption, and file manipulation flaws in ActiveX components. The writeup includes disassembly snippets and exploitation details but does not contain functional exploit code.

Classification
Writeup 100%
Attack Type
Rce | Info Leak | Other
Complexity
Moderate
Reliability
Theoretical
Target: PcVue <= 10.0, SVUIGrd.ocx <= 1.5.1.0, aipgctl.ocx <= 1.07.3702
No auth needed
Prerequisites: Access to vulnerable ActiveX components via a browser or application embedding them
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3

Scores

EPSS 0.0645
EPSS Percentile 92.8%

Details

Status published
Products (6)
arcinfo/frontvue
arcinfo/pcvue 6.0
arcinfo/pcvue 8.2
arcinfo/pcvue 9.0
arcinfo/pcvue 10.0
arcinfo/plantvue
Published Apr 03, 2012
Tracked Since Feb 18, 2026