Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/22 4:19 p.m.8 views

CVE-2020-14049

Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this...

9.3CVSS7.4AI score0.15041EPSS
Exploits1
prion
prion
added 2020/06/22 6:15 p.m.15 views

Cross site request forgery (csrf)

Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this...

5CVSS7.9AI score0.15041EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2020/06/22 5:27 p.m.19 views

CVE-2020-14049

Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this...

7.9AI score0.02161EPSS
Exploits1References2
cve
cve
added 2020/06/22 5:27 p.m.53 views

CVE-2020-14049

Viber for Windows up to 13.2.0.39 is affected by an issue in its custom URI handler due to improper quoting, connected to an incomplete fix for CVE-2019-12569. A malicious site could launch Viber with arbitrary parameters, forcing a victim to initiate an NTLM authentication request, potentially r...

7.5CVSS7.8AI score0.02161EPSS
Exploits1References2Affected Software1
cve
cve
added 2019/06/03 12:50 a.m.66 views

CVE-2019-12569

CVE-2019-12569 affects Viber for Desktop (Windows) prior to 10.7.0, due to unsafe search paths in the URI handler. A targeted user must click a malicious link; successfully, the app loads libraries from the URI-specified directory and could execute arbitrary commands with the user’s privileges. C...

9.3CVSS7.7AI score0.15041EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder