ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via report print function of rexpert viewer with modified XML document. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
References
Link | Resource |
---|---|
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35184 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: krcert
Published: 2019-10-30T20:49:41
Updated: 2019-10-30T20:49:41
Reserved: 2019-10-07T00:00:00
Link: CVE-2019-17323
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-10-30T21:15:11.990
Modified: 2019-11-01T19:38:22.307
Link: CVE-2019-17323
JSON object: View
Redhat Information
No data.
CWE