CVE-2019-12809

Summary

Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that could allow remote attackers to download and execute arbitrary files by setting the arguments to the ActiveX method. This can be leveraged for code execution.

Affected Software

VendorProductVersion RangeStatus
YES24YES24 PC VIEWER1.0.327.50126affected

Weaknesses

  • CWE-494: CWE-494 Download of Code Without Integrity Check

ADP Enrichment

CVE Program Container

Additional References

References