漏洞标题
N/A
漏洞描述信息
"在AVG AVG Secure Search toolbar 18.1.7.598之前的AVG ScriptHelper ActiveX控制以及在AVG Safeguard 18.1.7.644之前的AVG Safeguard,并未实现基于域名的方法调用访问控制,这允许远程攻击者通过精心构造的网页触发下载和执行任意程序的行为。"
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of arbitrary programs via a crafted web site.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
AVG Secure Search toolbar和AVG Safeguard 权限许可和访问控制漏洞
漏洞描述信息
AVG Secure Search toolbar和AVG Safeguard都是捷克AVG公司的附属于AVG杀毒软件中的产品。AVG Secure Search toolbar是一套浏览器安全工具栏组件;AVG Safeguard是一套维护工具栏组件。 AVG Secure Search toolbar 18.1.7及之前的版本和AVG Safeguard 18.1.7及之前的版本的ScriptHelper.exe文件的AVG ScriptHelper ActiveX控件中的ScriptHelperAp
CVSS信息
N/A
漏洞类别
授权问题