Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-2817

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2013-2817
Last Modified 24 Feb 2014 01:48:07
Published 23 Feb 2014 11:48:09
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-2817

Summary

An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click.

Vulnerable Systems

Application

  • Mitsubishielectric Mc-worx Suite 8.02


References

CONFIRM - http://www.meau.com/eprise/main/sites/public/Products/Software/-MC_Works

MISC - http://ics-cert.us-cert.gov/advisories/ICSA-14-051-02


Last Updated: 27 May 2016 10:53:57