Vulnerability Description
CyMiInstaller322 ActiveX which runs MIPLATFORM downloads files required to run applications. A vulnerability in downloading files by CyMiInstaller322 ActiveX caused by an attacker to download randomly generated DLL files and MIPLATFORM to load those DLLs due to insufficient verification.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cymiinstaller322 Activex Project | Cymiinstaller322 Activex | <= 2016.5.26.1 |
| Microsoft | Windows 10 | - |
| Microsoft | Windows 7 | - |
| Microsoft | Windows 8 | - |
Related Weaknesses (CWE)
References
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35479Third Party Advisory
- https://www.tobesoft.com/Index.doThird Party Advisory
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35479Third Party Advisory
- https://www.tobesoft.com/Index.doThird Party Advisory
FAQ
What is CVE-2019-19161?
CVE-2019-19161 is a vulnerability with a CVSS score of 7.2 (HIGH). CyMiInstaller322 ActiveX which runs MIPLATFORM downloads files required to run applications. A vulnerability in downloading files by CyMiInstaller322 ActiveX caused by an attacker to download randomly...
How severe is CVE-2019-19161?
CVE-2019-19161 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-19161?
Check the references section above for vendor advisories and patch information. Affected products include: Cymiinstaller322 Activex Project Cymiinstaller322 Activex, Microsoft Windows 10, Microsoft Windows 7, Microsoft Windows 8.