Vulnerability Description
MyBuilder viewer before 6.2.2019.814 allow an attacker to execute arbitrary command via specifically crafted configuration file. This can be leveraged for code execution.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Activesoft | Mybuilder | < 6.2.2019.814 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35155Third Party AdvisoryVDB Entry
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35155Third Party AdvisoryVDB Entry
FAQ
What is CVE-2019-12812?
CVE-2019-12812 is a vulnerability with a CVSS score of 9.8 (CRITICAL). MyBuilder viewer before 6.2.2019.814 allow an attacker to execute arbitrary command via specifically crafted configuration file. This can be leveraged for code execution.
How severe is CVE-2019-12812?
CVE-2019-12812 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-12812?
Check the references section above for vendor advisories and patch information. Affected products include: Activesoft Mybuilder, Microsoft Windows.