VYPR

ML Report

by Infraware

CVEs (2)

  • CVE-2018-5204CriDec 28, 2018
    risk 0.64cvss 9.8epss 0.02

    ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. this can be leveraged for code execution.

  • CVE-2020-7837HigDec 16, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in ML Report Program. There is a stack-based buffer overflow in function sub_41EAF0 at MLReportDeamon.exe. The function will call vsprintf without checking the length of strings in parameters given by attacker. And it finally leads to a stack-based buffer…