Vulnerability Description
An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to obtain sensitive information about the existence of registry keys via crafted (1) key-open or (2) key-close method calls.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ni | Measurementstudio | <= 2013 |
References
- http://digital.ni.com/public.nsf/allkb/548965C170D6AA2586257BD3004B146B?OpenDocuVendor Advisory
- http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenVendor Advisory
- http://digital.ni.com/public.nsf/websearch/D8E97E95D59AC17086257B3600508823?OpenVendor Advisory
- http://digital.ni.com/public.nsf/allkb/548965C170D6AA2586257BD3004B146B?OpenDocuVendor Advisory
- http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenVendor Advisory
- http://digital.ni.com/public.nsf/websearch/D8E97E95D59AC17086257B3600508823?OpenVendor Advisory
FAQ
What is CVE-2013-5024?
CVE-2013-5024 is a vulnerability with a CVSS score of 4.3 (MEDIUM). An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to ob...
How severe is CVE-2013-5024?
CVE-2013-5024 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5024?
Check the references section above for vendor advisories and patch information. Affected products include: Ni Measurementstudio.