Описание
EMC Captiva eInput 2.1.1 before 2.1.1.37 does not restrict the origin of calls to ActiveX functions, which allows remote attackers to read arbitrary files or cause a denial of service via a crafted web site.
Ссылки
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 2.1.1.37 (исключая)
cpe:2.3:a:emc:captiva_einput:*:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00506
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
EMC Captiva eInput 2.1.1 before 2.1.1.37 does not restrict the origin of calls to ActiveX functions, which allows remote attackers to read arbitrary files or cause a denial of service via a crafted web site.
EPSS
Процентиль: 66%
0.00506
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-264