Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2013-6040

Published: 21/01/2014 Updated: 07/08/2015
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 945
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Mw6tech

Vulnerability Summary

Multiple unspecified vulnerabilities in the MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls allow remote malicious users to execute arbitrary code via a crafted HTML document.

Vulnerable Product Search on Vulmon Subscribe to Product

mw6tech aztec activex control -

mw6tech datamatrix activex control -

mw6tech maxicode activex control -

Exploits

Exploit DB: MW6 Technologies Aztec - ActiveX 'Data' Buffer Overflow (PoC)
<!-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow DEFINITELY leading to arbitrary code execution COM Object - {F359732D-D020-40ED-83FF-F381EFE36B54} MW6Aztec Class File Description : Aztec ActiveX File Version : 4, 0, 0, 1 To trigger the overflo ...
Exploit DB: MW6 Technologies Datamatrix - ActiveX 'Data' Buffer Overflow
<!-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow PROBABLY leading to arbitrary code execution COM Object - {DE7DA0B5-7D7B-4CEA-8739-65CF600D511E} MW6DataMatrix Class File Description : DataMatrix ActiveX File Version : 4, 0, 0, 1 To trigger the ...
Exploit DB: MW6 Technologies MaxiCode - ActiveX 'Data' Buffer Overflow (PoC)
<!-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow DEFINITELY leading to arbitrary code execution COM Object - {2355C601-37D1-42B4-BEB1-03C773298DC8} MW6MaxiCode Class File Description : MaxiCode ActiveX File Version : 4, 0, 0, 1 To trigger the o ...

Recent Articles

MiniDuke miscreants whip out old-school tricks to spy on world+dog
The Register • John Leyden • 27 Feb 2013

The '90s called... they want their malware back

A new strain of malware designed to spy on multiple government entities and institutions across the world has been discovered by anti-virus firm Kaspersky Lab. MiniDuke has infected government entities in the Ukraine, Belgium, Portugal, Romania, the Czech Republic and Ireland. In addition, a research institute, two think-tanks, and a healthcare provider in the US were also compromised. A prominent research organisation in Hungary was also infected with the mystery malware. An analysis of logs fr...

Read more...

References

NVD-CWE-noinfohttp://www.kb.cert.org/vuls/id/219470http://www.exploit-db.com/exploits/31176http://www.exploit-db.com/exploits/31177https://nvd.nist.govhttps://www.theregister.co.uk/2013/02/27/miniduke/https://www.exploit-db.com/exploits/31176/https://www.kb.cert.org/vuls/id/219470
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook