Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page.
References
Link | Resource |
---|---|
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35919 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: krcert
Published: 2021-02-24T15:46:51
Updated: 2021-02-24T15:46:51
Reserved: 2020-01-22T00:00:00
Link: CVE-2020-7846
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-02-24T16:15:14.443
Modified: 2021-02-27T04:59:15.780
Link: CVE-2020-7846
JSON object: View
Redhat Information
No data.