CVE-2013-6040 - Multiple unspecified vulnerabilities in the MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls all

CVE-2013-6040

Summary

Multiple unspecified vulnerabilities in the MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls allow remote attackers to execute arbitrary code via a crafted HTML document.

References

http://www.exploit-db.com/exploits/31176
http://www.exploit-db.com/exploits/31177
http://www.kb.cert.org/vuls/id/219470

Vulnerable Configurations

cpe:2.3:a:mw6tech:aztec_activex_control:-:*:*:*:*:*:*:*
cpe:2.3:a:mw6tech:aztec_activex_control:-:*:*:*:*:*:*:*
cpe:2.3:a:mw6tech:datamatrix_activex_control:-:*:*:*:*:*:*:*
cpe:2.3:a:mw6tech:datamatrix_activex_control:-:*:*:*:*:*:*:*
cpe:2.3:a:mw6tech:maxicode_activex_control:-:*:*:*:*:*:*:*
cpe:2.3:a:mw6tech:maxicode_activex_control:-:*:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 07-08-2015 - 17:41)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

refmap via4

cert-vn	VU#219470
exploit-db	31176 31177

Last major update

07-08-2015 - 17:41

Published

21-01-2014 - 01:55

Last modified

07-08-2015 - 17:41