CVE-2004-1947

BitDefender Scan Online - Info Disclosure

Title source: llm

Description

The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote attackers to (1) obtain sensitive information such as system drives and contents or (2) use the RequestFile method to download and execute arbitrary code via an object codebase that uses bitdefender.cab.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Rafel Ivgi The-Insider · textremotewindows

https://www.exploit-db.com/exploits/24025

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Rafel Ivgi The-Insider · htmlremotewindows

https://www.exploit-db.com/exploits/24024

View Code ZIP pw:eip

References (8)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15911

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/10174

[Mailing List] http://marc.info/?l=bugtraq&m=108248367901616&w=2

[Exploit, Vendor Advisory] http://secunia.com/advisories/11427

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/10175

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1009862

[Third Party Advisory, VDB Entry] http://www.osvdb.org/5549

[Mailing List] http://marc.info/?l=bugtraq&m=108240639427412&w=2

Scores

EPSS 0.0973

EPSS Percentile 93.0%

Details

Status published

Products (1)

softwin/bitdefender

Published Apr 19, 2004

Tracked Since Feb 18, 2026