7 matches found
EUVD-2014-2978
Malware in sbrugna...
AVG 'ScriptHelperApi' ActiveX Remote Code Execution
The remote host is running a version of AVG Secure Search toolbar / AVG Safeguard, prior to version 18.1.7. The AVG ScriptHelperApi ActiveX control distributed with the software is affected by a remote code execution vulnerability. The installed ActiveX control fails to properly enforce...
CVE-2014-2956
ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of...
Design/Logic Flaw
ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of...
CVE-2014-2956
CVE-2014-2956 affects AVG Secure Search toolbar (before 18.1.7.598) and AVG Safeguard (before 18.1.7.644). The ScriptHelperApi ActiveX control does not enforce domain-based access control for its methods, enabling remote attackers to trigger downloading/execution of arbitrary code via a crafted w...
CVE-2014-2956
ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of...
AVG Safeguard and Secure Search ActiveX controls provides insecure methods
Overview The AVG Secure Search toolbar, also known as AVG Safeguard includes an ActiveX control that provides a number of unsafe methods, which may allow a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user. Description AVG Secure Search is a toolbar add-on...