CVE-2013-6040

MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls versions before 4.0 are vulnerable to arbitrary code via crafted HTML document.

CVSS 8.1 HIGHEPSS 7.4%

MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls before version 4.0 vulnerable to arbitrary code via a crafted HTML document. Latest versions (4.0) of MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls have resolved the issue

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

MW6 Tech · MW6 Aztec ActiveX Controls MW6 Tech · MW6 DataMatrix ActiveX Controls MW6 Tech · MW6 MaxiCode ActiveX Controls

public PoCs found — 5

cve_referencewww.exploit-db.com/exploits/31176unverified cve_referencewww.exploit-db.com/exploits/31177unverified exploitdbwww.exploit-db.com/exploits/31176unverified exploitdbwww.exploit-db.com/exploits/31177unverified exploitdbwww.exploit-db.com/exploits/31178unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.mw6tech.com http://www.exploit-db.com/exploits/31176 http://www.exploit-db.com/exploits/31177 http://www.kb.cert.org/vuls/id/219470