CVE-2018-5197

A vulnerability in the ExtCommon.dll user extension module version 9.2, 9.2.1, 9.2.2 of Xplatform ActiveX could allow attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters. An crafted malicious parameters could cause arbitrary command to execute.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:tobesoft:xplatform:9.2:*:*:*:*:*:*:*
cpe:2.3:a:tobesoft:xplatform:9.2.1:*:*:*:*:*:*:*
cpe:2.3:a:tobesoft:xplatform:9.2.2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-01-02 14:29

Updated : 2024-02-04 20:03


NVD link : CVE-2018-5197

Mitre link : CVE-2018-5197

CVE.ORG link : CVE-2018-5197


JSON object : View

Products Affected

microsoft

  • windows

tobesoft

  • xplatform
CWE
CWE-20

Improper Input Validation