AVG 'ScriptHelperApi' ActiveX Remote Code Execution
High Nessus Plugin ID 76589
SynopsisThe remote Windows host has an ActiveX control that is affected by a remote code execution vulnerability.
DescriptionThe remote host is running a version of AVG Secure Search toolbar / AVG Safeguard, prior to version 18.1.7. The AVG ScriptHelperApi ActiveX control distributed with the software is affected by a remote code execution vulnerability. The installed ActiveX control fails to properly enforce restrictions on websites that can invoke its methods.
An attacker may exploit this issue in order to execute arbitrary code within the context of the application.
SolutionUpgrade AVG Secure Search toolbar / AVG Safeguard to version 22.214.171.1248 / 126.96.36.1994 or later.