Unrated severityNVD Advisory· Published Aug 9, 2019· Updated Sep 16, 2024
NC Launcher 2 Arbitrary Command Injection Vulnerability
CVE-2019-12805
Description
NCSOFT Game Launcher, NC Launcher2 2.4.1.691 and earlier versions have a vulnerability in the custom protocol handler that could allow remote attacker to execute arbitrary command. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. This can be leveraged for code execution in the context of the current user.
Affected products
2<=2.4.1.691+ 1 more
- (no CPE)range: <=2.4.1.691
- (no CPE)range: 2.4.1.691 and earlier
Patches
Vulnerability mechanics
References
1- www.boho.or.kr/krcert/secNoticeView.domitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.