Vulnerability Details CVE-2019-12809
Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that could allow remote attackers to download and execute arbitrary files by setting the arguments to the ActiveX method. This can be leveraged for code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2019-12809
-
cpe:2.3:a:yes24:viewer_activex:-
-
cpe:2.3:a:yes24:viewer_activex:1.0.327.50126