CVE-2020-7829
First published: Thu Jul 30 2020(Updated: )
DaviewIndy 8.98.4 and earlier version contain Heap-based overflow vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.
Credit: vuln@krcert.or.kr
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hmtalk Daviewindy | <=8.98.4 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2020-7829.
What is the title of this vulnerability?
The title of this vulnerability is "DaviewIndy 8.98.4 and earlier version contain Heap-based overflow vulnerability triggered when the user opens a malformed specific file that is mishandled by Daview.exe".
What is the affected software for this vulnerability?
The affected software for this vulnerability is Hmtalk Daviewindy version up to and including 8.98.4.
How severe is this vulnerability?
This vulnerability has a severity score of 7.8 (high).
How can attackers exploit this vulnerability?
Attackers can exploit this vulnerability by having the user open a specific malformed file that is mishandled by Daview.exe, leading to arbitrary code execution.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- vendor/hmtalk
- canonical/hmtalk daviewindy
- version/hmtalk daviewindy/8.98.4
- vendor/microsoft
- canonical/microsoft windows