First published: Fri Jul 17 2020(Updated: )
DaviewIndy 8.98.9 and earlier has a Heap-based overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.
Credit: vuln@krcert.or.kr
Affected Software | Affected Version | How to fix |
---|---|---|
Hmtalk Daviewindy | <=8.98.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-7818 is a vulnerability in DaviewIndy 8.98.9 and earlier that allows for a heap-based overflow when opening a malformed PDF file.
The CVE-2020-7818 vulnerability can be exploited by opening a specially crafted PDF file, triggering a heap-based overflow in Daview.exe.
CVE-2020-7818 has a severity rating of 7.8 (high).
The affected software for CVE-2020-7818 is DaviewIndy versions up to and including 8.98.9.
To fix the CVE-2020-7818 vulnerability, update DaviewIndy to a version later than 8.98.9.