CVE-2014-0750 Information

Description

Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24 and Proficy Process Systems with CIMPLICITY allows remote attackers to execute arbitrary code via a crafted HTTP request aka ZDI-CAN-1622.

Reference

http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01 http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939 http://www.securityfocus.com/bid/65124