exploitDog

CVE-2024-11957

Опубликовано: 04 мар. 2025

Источник: nvd

EPSS Низкий

Описание

Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276

on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough.

Ссылки

https://www.welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office/

EPSS

Процентиль: 5%

0.00021

Низкий

Дефекты

CWE-347

Связанные уязвимости

GHSA-jxrq-h53g-x3qx

github

11 месяцев назад

Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough.

EPSS

Процентиль: 5%

0.00021

Низкий

Дефекты

CWE-347