Description
An ActiveX control is intended for restricted use, but it has been marked as safe-for-scripting.
Extended Description
This might allow attackers to use dangerous functionality via a web page that accesses the control, which can lead to different resultant vulnerabilities, depending on the control's behavior.
CVE vulnerabilities with CWE-623 (3)
8.7
CVSS
HIGH
CVE-2011-10028
pub. 2025-08-20
7.5
CVSS
HIGH
CVE-2014-2368
pub. 2014-07-19
4.8
CVSS
MEDIUM
CVE-2018-17925
pub. 2018-10-10