CVE-2019-19164

Summary

dext5.ocx ActiveX Control in Dext5 Upload 5.0.0.112 and earlier versions contains a vulnerability that could allow remote files to be executed by setting the arguments to the activex method. A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code infection.

Affected Software

VendorProductVersion RangeStatus
RAONWizdext.ocx ActiveX Control in Dext5 UploadAffected: 5.0.0.112 and earlieraffected
RAONWizdext.ocx ActiveX Control in Dext5 UploadFixed: 5.0.0.113affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References