Overview
- Description
- The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote attackers to (1) obtain sensitive information such as system drives and contents or (2) use the RequestFile method to download and execute arbitrary code via an object codebase that uses bitdefender.cab.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:softwin:bitdefender:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E66C8032-485B-4B96-93A6-93BC051DCE2A"
}
],
"operator": "OR"
}
]
}
]