CVE-2020-7818 - OpenCVE

DaviewIndy 8.98.9 and earlier has a Heap-based overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Hmtalk	Daviewindy

Configuration 1 [-]

cpe:2.3:a:hmtalk:daviewindy:*:*:*:*:*:*:*:*

References

Link	Resource
https://www.hmtalk.com/	Product Vendor Advisory
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35521	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: krcert

Published: 2020-07-17T00:00:00

Updated: 2020-07-17T21:05:35

Reserved: 2020-01-22T00:00:00

Link: CVE-2020-7818

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-07-17T22:15:11.637

Modified: 2020-07-22T21:06:28.697

Link: CVE-2020-7818

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "DaviewIndy", "vendor": "HumanTolk Co.Ltd", "versions": [{"status": "affected", "version": "8.98.9 and earlier"}]}], "credits": [{"lang": "en", "value": "Thanks for Namjun-Jo for reporting this vulnerability."}], "datePublic": "2020-07-17T00:00:00", "descriptions": [{"lang": "en", "value": "DaviewIndy 8.98.9 and earlier has a Heap-based overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-07-17T21:05:35", "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863", "shortName": "krcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.hmtalk.com/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35521"}], "solutions": [{"lang": "en", "value": "Update software over DaviewIndy 8.99.2 version or higher.\n"}], "source": {"discovery": "UNKNOWN"}, "title": "DaviewIndy Heap Overflow Vulnerability", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vuln@krcert.or.kr", "DATE_PUBLIC": "2020-07-17T07:18:00.000Z", "ID": "CVE-2020-7818", "STATE": "PUBLIC", "TITLE": "DaviewIndy Heap Overflow Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "DaviewIndy", "version": {"version_data": [{"version_value": "8.98.9 and earlier"}]}}]}, "vendor_name": "HumanTolk Co.Ltd"}]}}, "credit": [{"lang": "eng", "value": "Thanks for Namjun-Jo for reporting this vulnerability."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "DaviewIndy 8.98.9 and earlier has a Heap-based overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20 Improper Input Validation"}]}]}, "references": {"reference_data": [{"name": "https://www.hmtalk.com/", "refsource": "MISC", "url": "https://www.hmtalk.com/"}, {"name": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35521", "refsource": "CONFIRM", "url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35521"}]}, "solution": [{"lang": "en", "value": "Update software over DaviewIndy 8.99.2 version or higher.\n"}], "source": {"discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863", "assignerShortName": "krcert", "cveId": "CVE-2020-7818", "datePublished": "2020-07-17T00:00:00", "dateReserved": "2020-01-22T00:00:00", "dateUpdated": "2020-07-17T21:05:35", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hmtalk:daviewindy:*:*:*:*:*:*:*:*", "matchCriteriaId": "755F40E2-FB0B-452D-8A6B-5FE7F05F7A2A", "versionEndIncluding": "8.98.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "DaviewIndy 8.98.9 and earlier has a Heap-based overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution."}, {"lang": "es", "value": "DaviewIndy versiones 8.98.9 y anteriores, presentan una vulnerabilidad de desbordamiento en la regi\u00f3n heap de la memoria, que se desencadena cuando el usuario abre un archivo PDF malformado que es manejado inapropiadamente por el archivo Daview.exe. Unos atacantes podr\u00edan explotar esto y ejecutar c\u00f3digo arbitrario"}], "id": "CVE-2020-7818", "lastModified": "2020-07-22T21:06:28.697", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "vuln@krcert.or.kr", "type": "Secondary"}]}, "published": "2020-07-17T22:15:11.637", "references": [{"source": "vuln@krcert.or.kr", "tags": ["Product", "Vendor Advisory"], "url": "https://www.hmtalk.com/"}, {"source": "vuln@krcert.or.kr", "tags": ["Third Party Advisory"], "url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35521"}], "sourceIdentifier": "vuln@krcert.or.kr", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "vuln@krcert.or.kr", "type": "Secondary"}]}