5.3 2017-01-31T12:34:45 GE Proficy HMI SCADA CIMPLICITY WebView remote code execution - CVE-2014-0750 (GEIP13-05) Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622. HKEY_LOCAL_MACHINE DisplayVersion HKEY_LOCAL_MACHINE DisplayVersion oval:com.kaspersky.ics-cert:obj:1 oval:com.kaspersky.ics-cert:obj:6 HKEY_LOCAL_MACHINE InstallLocation HKEY_LOCAL_MACHINE InstallLocation oval:com.kaspersky.ics-cert:obj:39 oval:com.kaspersky.ics-cert:obj:40 oval:com.kaspersky.ics-cert:obj:48 oval:com.kaspersky.ics-cert:obj:49 HKEY_LOCAL_MACHINE SYSTEM\CurrentControlSet\services\WEBVIEW Start HKEY_LOCAL_MACHINE DisplayVersion HKEY_LOCAL_MACHINE DisplayVersion oval:com.kaspersky.ics-cert:obj:45 oval:com.kaspersky.ics-cert:obj:46 HKEY_LOCAL_MACHINE InstallLocation HKEY_LOCAL_MACHINE InstallLocation ^WebServerRoot\s*=\s*(.+)$ 1 gefebt.exe gefebt.exe 4.01.743 reg_dword 2 9.00.23731 ^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{((4AF366C7-81ED-420E-9B1E-6CBF8F96E722)|(C596BAFB-9F7B-4042-B765-660902CD2F05))}$ \data\globals.ini ^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{((FE991EB0-7520-428A-930E-1C22C00E813A)|(6FA87207-DCF3-4DF5-8B5C-698736CC39CF))}$ \WebPages