logo

CWE-623 - Unsafe ActiveX Control Marked Safe For Scripting

CWE-623

  • Abstraction:
  • Variant
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Unsafe ActiveX Control Marked Safe For Scripting

Description

An ActiveX control is intended for restricted use, but it has been marked as safe-for-scripting.

This might allow attackers to use dangerous functionality via a web page that accesses the control, which can lead to different resultant vulnerabilities, depending on the control's behavior.

Common Consequences

Scope: Confidentiality, Integrity, Availability

Impact: Execute Unauthorized Code or Commands

Related Weaknesses
  • Release Date:
  • 2007-05-07
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website