PT-2019-12959 · Yes24 · Yes24Viewerx Activex Control

Publicado

2019-08-15

Atualizado

2020-10-06

CVE-2019-12809

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Yes24ViewerX ActiveX Control versions 1.0.327.50126 and earlier

Description The issue allows remote attackers to download and execute arbitrary files by setting the arguments to the ActiveX method, which can be leveraged for code execution.

Recommendations For versions 1.0.327.50126 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-494

Identificadores relacionados

CVE-2019-12809

Produtos afetados

Yes24Viewerx Activex Control

PT-2019-12959 · Yes24 · Yes24Viewerx Activex Control

CVE-2019-12809

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3