QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-17925

Back to search

CVE-2018-17925

Published: Oct 10, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

Multiple instances of this vulnerability (Unsafe ActiveX Control Marked Safe For Scripting) have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft charting package outside the iFIX product may expose users to the reported vulnerability. The reported method shown to impact Internet Explorer is not exposed in the iFIX product, nor is the core functionality of the iFIX product known to be impacted.

VendorProductVersions

GE

iFix

affected
2.0 - 5.0
affected
5.1
affected
5.5
affected
5.8

Weaknesses (CWE)

CWE-623

References

105540
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now