Lucene search
JpcertCVELIST:CVE-2022-27176HistoryJun 14, 2022 - 7:05 a.m.
CVE-2022-27176
2022-06-1407:05:36
jpcert
www.cve.org
0.001 Low
EPSS
Percentile
29.9%
Incomplete filtering of special elements vulnerability exists in RevoWorks SCVX using ‘File Sanitization Library’ 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions (when using ‘File Sanitization Option’), and RevoWorks Desktop 2.1.84 and prior versions (when using ‘File Sanitization Option’), which may allow an attacker to execute a malicious macro by having a user to download, import, and open a specially crafted file in the local environment.
CNA Affected
[
{
"product": "RevoWorks SCVX, RevoWorks Browser, and RevoWorks",
"vendor": "J’s Communication Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "RevoWorks SCVX using 'File Sanitization Library' 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions (when using 'File Sanitization Option'), and RevoWorks Desktop 2.1.84 and prior versions (when using 'File Sanitization Option')"
}
]
}
]Related
cve
cve
CVE-2022-27176
2022-06-14 09:15:09
nvd
nvd
CVE-2022-27176
2022-06-14 09:15:09
jvn
jvn
JVN#27256219: RevoWorks incomplete filtering of MS Office v4 macros
2022-05-27 00:00:00
prion
prion
Design/Logic Flaw
2022-06-14 09:15:00