CVE-2013-0108 Information

Description

An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310 R400.2 R410.1 and R410.2; SymmetrE R310 R410.1 and R410.2; ComfortPoint Open Manager (aka CPO-M) Station R100; and HMIWeb Browser client packages allows remote attackers to execute arbitrary code via a crafted HTML document.

Reference

http://ics-cert.us-cert.gov/pdf/ICSA-13-053-02.pdf