CVE Vulnerabilities

CVE-2014-2956

Published: Jul 08, 2014 | Modified: Jul 08, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of arbitrary programs via a crafted web site.

Affected Software

Name Vendor Start Version End Version
Safeguard Avg * 18.1.7 (including)
Secure_search_toolbar Avg * 18.1.7 (including)

References