CVE-2013-2817

Sažetak

An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click.

Reference

http://ics-cert.us-cert.gov/advisories/ICSA-14-051-02
http://www.meau.com/eprise/main/sites/public/Products/Software/-MC_Works

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

24-02-2014 - 18:48

Objavljeno

24-02-2014 - 04:48