5.8
CVE-2013-6128
- EPSS 9.98%
- Veröffentlicht 25.10.2013 20:55:03
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginThe KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict SaveToFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the single pathname argument, as demonstrated by a directory traversal attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Wellintech ≫ Kingview Version <= 6.52
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.98% | 0.927 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:P
|