7 matches found
EUVD-2014-2978
Malware in sbrugna...
AVG 'ScriptHelperApi' ActiveX Remote Code Execution
The remote host is running a version of AVG Secure Search toolbar / AVG Safeguard, prior to version 18.1.7. The AVG ScriptHelperApi ActiveX control distributed with the software is affected by a remote code execution vulnerability. The installed ActiveX control fails to properly enforce...
CVE-2014-2956
ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of...
Design/Logic Flaw
ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of...
CVE-2014-2956
ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of...
CVE-2014-2956
CVE-2014-2956 affects AVG Secure Search toolbar (before 18.1.7.598) and AVG Safeguard (before 18.1.7.644). The ScriptHelperApi ActiveX control does not enforce domain-based access control for its methods, enabling remote attackers to trigger downloading/execution of arbitrary code via a crafted w...
AVG Safeguard and Secure Search ActiveX controls provides insecure methods
Overview The AVG Secure Search toolbar, also known as AVG Safeguard includes an ActiveX control that provides a number of unsafe methods, which may allow a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user. Description AVG Secure Search is a toolbar add-on...