Unrated severityNVD Advisory· Published Jul 8, 2014· Updated Jun 17, 2026
CVE-2014-2956
CVE-2014-2956
Description
ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of arbitrary programs via a crafted web site.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:avg:safeguard:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:avg:safeguard:*:*:*:*:*:*:*:*range: <=18.1.7
- (no CPE)range: <18.1.7.644
cpe:2.3:a:avg:secure_search_toolbar:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:avg:secure_search_toolbar:*:*:*:*:*:*:*:*range: <=18.1.7
- (no CPE)range: <18.1.7.598
Patches
Vulnerability mechanics
References
1- www.kb.cert.org/vuls/id/960193nvdUS Government Resource
News mentions
0No linked articles in our index yet.