CVE-2004-1947

critical

Description

The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote attackers to (1) obtain sensitive information such as system drives and contents or (2) use the RequestFile method to download and execute arbitrary code via an object codebase that uses bitdefender.cab.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/15911

http://www.securityfocus.com/bid/10174

http://www.osvdb.org/5549

http://securitytracker.com/id?1009862

http://marc.info/?l=bugtraq&m=108248367901616&w=2

http://marc.info/?l=bugtraq&m=108240639427412&w=2

Details

Source: Mitre, NVD

Published: 2004-04-19

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.14496