CVE-2013-5024

Опубликовано: 06 авг. 2013

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to obtain sensitive information about the existence of registry keys via crafted (1) key-open or (2) key-close method calls.

Ссылки

http://digital.ni.com/public.nsf/allkb/548965C170D6AA2586257BD3004B146B?OpenDocument
Vendor Advisory
http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument
Vendor Advisory
http://digital.ni.com/public.nsf/websearch/D8E97E95D59AC17086257B3600508823?OpenDocument
Vendor Advisory
http://digital.ni.com/public.nsf/allkb/548965C170D6AA2586257BD3004B146B?OpenDocument
Vendor Advisory
http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument
Vendor Advisory
http://digital.ni.com/public.nsf/websearch/D8E97E95D59AC17086257B3600508823?OpenDocument
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ni:measurementstudio:*:*:*:*:*:*:*:*

Версия до 2013 (включая)

EPSS

Процентиль: 53%

0.00307

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-r2j2-hq8w-23q8

github

больше 3 лет назад