mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
145 lines
5.3 KiB
JSON
145 lines
5.3 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "vuln@krcert.or.kr",
|
|
"DATE_PUBLIC": "2021-06-23T05:51:00.000Z",
|
|
"ID": "CVE-2020-7862",
|
|
"STATE": "PUBLIC",
|
|
"TITLE": "HelpU Overflow Vulnerability"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "HelpuViewer.exe",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"platform": "x86, x64",
|
|
"version_affected": "<=",
|
|
"version_name": "2018.5.21.0",
|
|
"version_value": "2020.11.20.0"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "HelpuServer.exe",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"platform": "x86, x64",
|
|
"version_affected": "<=",
|
|
"version_name": "1.0.0.2",
|
|
"version_value": "2020.11.20.0"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "HelpuFTClient.dll",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"platform": "x86, x64",
|
|
"version_name": "3.0.0.0",
|
|
"version_value": "2020.11.20.0"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "HelpuFTServer.dll",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"platform": "x86, x64",
|
|
"version_name": "3.0.0.0",
|
|
"version_value": "2020.11.20.0"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Helpu,inc"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"credit": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Thanks to Jeongun Back for reporting this vulnerability."
|
|
}
|
|
],
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process."
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.0.9"
|
|
},
|
|
"impact": {
|
|
"cvss": {
|
|
"attackComplexity": "HIGH",
|
|
"attackVector": "LOCAL",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7,
|
|
"baseSeverity": "HIGH",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"privilegesRequired": "LOW",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"version": "3.1"
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-20 Improper Input Validation"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-120 Buffer Overflow"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"refsource": "MISC",
|
|
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094",
|
|
"name": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"url": "https://helpu.co.kr/customer/download.html",
|
|
"name": "https://helpu.co.kr/customer/download.html"
|
|
}
|
|
]
|
|
},
|
|
"source": {
|
|
"discovery": "EXTERNAL"
|
|
}
|
|
} |