Published: 19/04/2004 Updated: 11/07/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote malicious users to (1) obtain sensitive information such as system drives and contents or (2) use the RequestFile method to download and execute arbitrary code via an object codebase that uses bitdefender.cab.

Vulnerable Product	Search on Vulmon	Subscribe to Product
softwin bitdefender

source: wwwsecurityfocuscom/bid/10175/info Reportedly the BitDefender AvxScanOnlineCtrl COM object is affected by an information disclosure vulnerability This issue is due to a design error that allows a remote user to execute a method in the offending object that provides access to unauthorized information This issue would allow an at ...

source: wwwsecurityfocuscom/bid/10174/info Reportedly the BitDefender AvxScanOnlineCtrl COM object is affected by a file upload and execution vulnerability This issue is due to a design error that allows a remote user to specify a file to be uploaded and executed on a system running the affected software This issue may be leveraged by ...

NVD-CWE-Other http://www.securityfocus.com/bid/10175 http://secunia.com/advisories/11427 http://www.securityfocus.com/bid/10174 http://www.osvdb.org/5549 http://securitytracker.com/id?1009862 http://marc.info/?l=bugtraq&m=108240639427412&w=2 http://marc.info/?l=bugtraq&m=108248367901616&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15911 https://nvd.nist.gov https://www.exploit-db.com/exploits/24025/

CVE-2004-1947

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect