Tobesoft Nexacro v2019.9.25.1 and earlier version have an arbitrary code execution vulnerability by using method supported by Nexacro14 ActiveX Control. It allows attacker to cause remote code execution.
References
Link | Resource |
---|---|
http://support.tobesoft.co.kr/Support/index.html | Vendor Advisory |
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35358 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: krcert
Published: 2020-05-06T12:47:56
Updated: 2020-05-06T12:47:56
Reserved: 2019-11-21T00:00:00
Link: CVE-2019-19167
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-05-06T13:15:12.917
Modified: 2020-05-11T16:44:49.510
Link: CVE-2019-19167
JSON object: View
Redhat Information
No data.