Vulnerabilities > CVE-2018-5202 - Unspecified vulnerability in Signkorea Skcertservice 2.3.0/2.5.5
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
signkorea
Summary
SKCertService 2.5.5 and earlier contains a vulnerability that could allow remote attacker to execute arbitrary code. This vulnerability exists due to the way .dll files are loaded by SKCertService. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code without the user's knowledge.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |