CVE-2013-5024
First published: Tue Aug 06 2013(Updated: )
An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to obtain sensitive information about the existence of registry keys via crafted (1) key-open or (2) key-close method calls.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NI MeasurementStudio | <=2013 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-5024?
CVE-2013-5024 is classified as a moderate severity vulnerability.
How do I fix CVE-2013-5024?
To fix CVE-2013-5024, update to a version of National Instruments Measurement Studio that is later than 2013.
What kind of attack does CVE-2013-5024 enable?
CVE-2013-5024 allows remote attackers to gather sensitive information about registry keys.
Which software is affected by CVE-2013-5024?
CVE-2013-5024 affects the National Instruments Measurement Studio 2013 and earlier versions.
What component is vulnerable in CVE-2013-5024?
The vulnerable component in CVE-2013-5024 is the ActiveX control in NationalInstruments.Help2.dll.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/references
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ni
- canonical/ni measurementstudio
- version/ni measurementstudio/2013