NVD

Id
38599  
Name
CVE-2013-2602  
Description
Multiple array index errors in the MyHeritage SEQueryObject ActiveX control (SearchEngineQuery.dll) 1.0.2.0 allow remote attackers to execute arbitrary code via the (1) seTokensArray, or (2) seTokensValuesArray parameter to the AddTokens method; (3) seLastNameTokensArray parameter to the AddLastNameTokens method; (4) seFrameIdArray, (5) seSourceIdArray, (6) seHasBreakdownArray, (7) seIsIndexedArray, (8) seAllConcatArray, (9) seRefererURLArray, or (10) seMandatoryFieldsArray parameter to the AddMultipleSearches method; (11) seSourceIdArray, (12) seIsIndexedArray, (13) seAllConcatArray, (14) seRefererURLArray, (15) seQATestsArray, (16) seAllSourceIDsArray, (17) seAllSourceTitlesArray, (18) seMandatoryFieldsArray, or (19) seAllSourceRootURLArray parameter to the TestYourself method.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2014-06-06  
Modified Date
2014-06-09  
Seq
2013-2602  

Actions

Related NVD References

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
24993 JVNDB-2013-006568 MyHeritage SEQueryObject ActiveX コントロールにおける任意のコードを実行される脆弱性 MyHeritage SEQueryObject ActiveX コントロール (SearchEngineQuery.dll) には、配列のインデックスエラーにより、任意のコードを実行される脆弱性が存在します。 CVE-2013-2602 62544 CVE-2013-2602 38599 9.3 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-006568.html 2013-05-20 2014-06-10 View