{
  "schema_version": "1.4.0",
  "id": "GHSA-x4j8-mmc7-549m",
  "modified": "2022-05-17T05:27:44Z",
  "published": "2022-05-17T05:27:44Z",
  "aliases": [
    "CVE-2012-2516"
  ],
  "details": "An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the HTML Help component), as used in GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; Proficy HMI/SCADA iFIX 5.0 and 5.1; Proficy Pulse 1.0; Proficy Batch Execution 5.6; SI7 I/O Driver 7.20 through 7.42; and other products, allows remote attackers to execute arbitrary commands via crafted input, related to a \"command injection vulnerability.\"",
  "severity": [],
  "affected": [],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2516"
    },
    {
      "type": "WEB",
      "url": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-02.pdf"
    }
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "severity": "HIGH",
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-07-05T03:23:00Z"
  }
}