본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2020-7883 | WOWSOFT Printchaser ActiveX remote file execution vulnerability2021.11.16
□ Overview
o WOWSOFT Co.,Ltd released security update to address arbitrary remote code execution vulnerability in Printchaser ActiveX module.
Vulnerability
Vulnerability Type Impact Severity CVSS Score CVE ID
Download of code
without integrity check
arbitrary remote
code execution
High 7.8 CVE-2020-7883
 
□ Description
o Printchaser v2.2021.804.1 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote file by setting the argument, variable in the activeX module. This can be leveraged for code execution.
 
□ Affected Product
Affected Product
Product Version Platform
Printchaser v2.2021.804.1 and earlier Windows
 
□ Solution
o Update the program over Printchaser 2.2021.1103.101 version or higher.

□ 기타
o Thanks to Hee-Hyun KIM for reporting this vulnerability.

□ Reference
o https://www.wowsoft.com/wowsoft/forward.do?pageUrl=sub01_01
 


□ 작성 : 침해사고분석단 취약점분석팀