Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that could allow remote attackers to download and execute arbitrary files by setting the arguments to the ActiveX method. This can be leveraged for code execution.
References
Link | Resource |
---|---|
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35117 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: krcert
Published: 2019-08-15T18:53:58
Updated: 2019-08-15T18:53:58
Reserved: 2019-06-13T00:00:00
Link: CVE-2019-12809
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-08-15T19:15:10.797
Modified: 2020-10-06T14:38:41.627
Link: CVE-2019-12809
JSON object: View
Redhat Information
No data.