SKCertService 2.5.5 and earlier contains a vulnerability that could allow remote attacker to execute arbitrary code. This vulnerability exists due to the way .dll files are loaded by SKCertService. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code without the user's knowledge.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: krcert
Published: 2018-12-21T16:00:00Z
Updated: 2024-09-16T20:36:19.536Z
Reserved: 2018-01-03T00:00:00
Link: CVE-2018-5202
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-12-21T16:29:00.287
Modified: 2024-11-21T04:08:19.513
Link: CVE-2018-5202
Redhat
No data.