Security Advisory

CVE-2014-2956

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-07-08 10:00:00

Last updated 2024-08-06 10:28:45

Assigner certcc

State PUBLISHED

Description

ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of arbitrary programs via a crafted web site.

← Browse all CVEs View on cve.org ↗