Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download and execute arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution.
References
Link | Resource |
---|---|
http://www.kaoni.com/ | Product |
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35428 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: krcert
Published: 2020-05-22T13:05:13
Updated: 2020-05-22T13:05:13
Reserved: 2020-01-22T00:00:00
Link: CVE-2020-7813
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-05-22T14:15:12.217
Modified: 2020-05-27T14:40:03.590
Link: CVE-2020-7813
JSON object: View
Redhat Information
No data.
CWE