CVE-2018-5202

2018-12-2116:00:00

krcert

www.cve.org

EPSS

0.002

Percentile

56.6%

JSON

SKCertService 2.5.5 and earlier contains a vulnerability that could allow remote attacker to execute arbitrary code. This vulnerability exists due to the way .dll files are loaded by SKCertService. It allows an attacker to load a .dll of the attacker’s choosing that could execute arbitrary code without the user’s knowledge.

CNA Affected

[
  {
    "product": "SKCertService",
    "vendor": "SIGNKOREA",
    "versions": [
      {
        "lessThanOrEqual": "2.5.5",
        "status": "affected",
        "version": "SKCertService",
        "versionType": "custom"
      }
    ]
  }
]

References

www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=30119

EPSS

0.002

Percentile

56.6%

JSON

Related for CVELIST:CVE-2018-5202