CVE-2013-6040

MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls before version 4.0 vulnerable to arbitrary code via a crafted HTML document. Latest versions (4.0) of MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls have resolved the issue
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
certccCNA
---
---
CVEADP
---
---
CISA-ADPADP
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
mw6techaztec_activex_control
-
mw6techdatamatrix_activex_control
-
mw6techmaxicode_activex_control
-
𝑥
= Vulnerable software versions
References
http://www.exploit-db.com/exploits/31176
http://www.exploit-db.com/exploits/31177
http://www.kb.cert.org/vuls/id/219470
https://www.mw6tech.com
http://www.exploit-db.com/exploits/31176
http://www.exploit-db.com/exploits/31177
http://www.kb.cert.org/vuls/id/219470