Microsoft ActiveX Controls "InformationCardSigninHelper Class" Out-of-Bounds Memory Access Vulnerability
14 November 2013
A remote code execution vulnerability exists in the InformationCardSigninHelper Class ActiveX control. Specifically the issue occurs in the way "InformationCardSigninHelper Class" ActiveX control (icardie.dll) is loaded into Internet Explorer and causes system state corruption.
CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Pearson VUE is part of Pearson, the world's largest learning company. Over 450 credential owners (including IT organizations such as IBM, Adobe, etc.) across the globe use the company's solutions to develop, manage, deliver and grow their testing programs.
Ivan Ristic is well-known in the information security world, and his name has become almost a synonym for SSL Labs. Before that, he was mostly known for his work with OWASP and the development of ModSecurity.