CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
94.9%
Buffer overflow in the DownloadCertificateExt function in SignKorea SKCommAX ActiveX control module 7.2.0.2 and 3280 6.6.0.1 allows remote attackers to execute arbitrary code via a long pszUserID argument.
Vendor | Product | Version | CPE |
---|---|---|---|
signkorea | skcommax_activex_control | 6.6.0.1_3280 | cpe:2.3:a:signkorea:skcommax_activex_control:6.6.0.1_3280:*:*:*:*:*:*:* |
signkorea | skcommax_activex_control | 7.2.0.2 | cpe:2.3:a:signkorea:skcommax_activex_control:7.2.0.2:*:*:*:*:*:*:* |