CVE-2013-2602 Information

Feb 14, 2021 cve

Description

Multiple array index errors in the MyHeritage SEQueryObject ActiveX control (SearchEngineQuery.dll) 1.0.2.0 allow remote attackers to execute arbitrary code via the (1) seTokensArray or (2) seTokensValuesArray parameter to the AddTokens method; (3) seLastNameTokensArray parameter to the AddLastNameTokens method; (4) seFrameIdArray (5) seSourceIdArray (6) seHasBreakdownArray (7) seIsIndexedArray (8) seAllConcatArray (9) seRefererURLArray or (10) seMandatoryFieldsArray parameter to the AddMultipleSearches method; (11) seSourceIdArray (12) seIsIndexedArray (13) seAllConcatArray (14) seRefererURLArray (15) seQATestsArray (16) seAllSourceIDsArray (17) seAllSourceTitlesArray (18) seMandatoryFieldsArray or (19) seAllSourceRootURLArray parameter to the TestYourself method.

Reference

http://osvdb.org/93498 http://osvdb.org/93499 http://osvdb.org/93500 http://osvdb.org/93501

Share on: