Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution by rebooting the victim’s PC.
References
Link | Resource |
---|---|
http://www.kaoni.com/ | Vendor Advisory |
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35428 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: krcert
Published: 2020-05-28T13:12:54
Updated: 2020-05-28T13:12:54
Reserved: 2020-01-22T00:00:00
Link: CVE-2020-7812
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-05-28T14:15:11.907
Modified: 2020-05-28T20:45:58.480
Link: CVE-2020-7812
JSON object: View
Redhat Information
No data.
CWE