Vulnerabilities > CVE-2004-1947 - Unspecified vulnerability in Softwin Bitdefender
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN softwin
exploit available
Summary
The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote attackers to (1) obtain sensitive information such as system drives and contents or (2) use the RequestFile method to download and execute arbitrary code via an object codebase that uses bitdefender.cab.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description Softwin BitDefender AvxScanOnlineCtrl COM Object Information Disclosure Vulnerability. CVE-2004-1947. Remote exploit for windows platform id EDB-ID:24025 last seen 2016-02-02 modified 2004-04-19 published 2004-04-19 reporter Rafel Ivgi The-Insider source https://www.exploit-db.com/download/24025/ title Softwin BitDefender AvxScanOnlineCtrl COM Object Information Disclosure Vulnerability description Softwin BitDefender AvxScanOnlineCtrl COM Object Remote File Upload And Execution Vulnerability. CVE-2004-1947. Remote exploit for windows platform id EDB-ID:24024 last seen 2016-02-02 modified 2004-04-19 published 2004-04-19 reporter Rafel Ivgi The-Insider source https://www.exploit-db.com/download/24024/ title Softwin BitDefender AvxScanOnlineCtrl COM Object Remote File Upload And Execution Vulnerability
References
- http://www.securityfocus.com/bid/10175
- http://secunia.com/advisories/11427
- http://www.securityfocus.com/bid/10174
- http://www.osvdb.org/5549
- http://securitytracker.com/id?1009862
- http://marc.info/?l=bugtraq&m=108240639427412&w=2
- http://marc.info/?l=bugtraq&m=108248367901616&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15911