Vulnerability Description
Remote code execution vulnerability exists in KaKaoTalk PC messenger when user clicks specially crafted link in the message window. This affects KaKaoTalk windows version 2.7.5.2024 or lower.
CVSS Score
8.8
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kakaocorp | Kakaotalk | <= 2.7.5.2024 |
| Microsoft | Windows | - |
References
- https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=34981Third Party Advisory
- https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=34981Third Party Advisory
FAQ
What is CVE-2019-9132?
CVE-2019-9132 is a vulnerability with a CVSS score of 8.8 (HIGH). Remote code execution vulnerability exists in KaKaoTalk PC messenger when user clicks specially crafted link in the message window. This affects KaKaoTalk windows version 2.7.5.2024 or lower.
How severe is CVE-2019-9132?
CVE-2019-9132 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-9132?
Check the references section above for vendor advisories and patch information. Affected products include: Kakaocorp Kakaotalk, Microsoft Windows.