Описание
An arbitrary file download and execution vulnerability was found in the VideoOffice X2.9 and earlier versions (CVE-2020-7878). This issue is due to missing support for integrity check.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до x2.9 (включая)
Одновременно
cpe:2.3:a:4nb:videooffice:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00337
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-353
CWE-345
Связанные уязвимости
github
около 4 лет назад
An arbitrary file download and execution vulnerability was found in the VideoOffice X2.9 and earlier versions (CVE-2020-7878). This issue is due to missing support for integrity check.
EPSS
Процентиль: 56%
0.00337
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-353
CWE-345