CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Nomachine: >> Nx Web Companion Security Vulnerabilities

CVE-2012-5003

nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not properly verify the authenticity of updates, which allows user-assisted remote attackers to execute arbitrary code via a crafted (1) SiteUrl or (2) RedirectUrl parameter that points to a Trojan Horse client.zip update file.

CVSS Score

6.8

EPSS Score

0.015

Published

2012-09-19

Page 1

Vulnerabilities

Vulnerable Software

Nomachine: >> Nx Web Companion Security Vulnerabilities

Products

Pricing

Contact Us