Описание
Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that could allow remote attackers to download and execute arbitrary files by setting the arguments to the ActiveX method. This can be leveraged for code execution.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.327.50126 (включая)
cpe:2.3:a:yes24:viewer_activex:*:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00382
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-494
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that could allow remote attackers to download and execute arbitrary files by setting the arguments to the ActiveX method. This can be leveraged for code execution.
EPSS
Процентиль: 59%
0.00382
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-494
NVD-CWE-noinfo