Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 24/02/2014 Updated: 24/02/2014

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote malicious users to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mitsubishielectric mc-worx suite

<html> <object classid='clsid:C28A127E-4A85-11D3-A5FF-00A0249E352D' id='target'></object> <!-- Mitsubishi MC-WorkX Suite Insecure ActiveX Control - IcoLaunchdll Vendor: wwwmeaucom Version: MC-WorkX 802 Tested on: Windows XP SP3 / IE 6 Download: wwwmeaucom/functions/dms/getfileasp?ID=035000000000000001000000 ...

CWE-94 http://ics-cert.us-cert.gov/advisories/ICSA-14-051-02 http://www.meau.com/eprise/main/sites/public/Products/Software/-MC_Works https://nvd.nist.gov https://www.exploit-db.com/exploits/28284/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-2817

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect