Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-7816

Опубликовано: 30 июн. 2020
Источник: nvd
CVSS3: 7
CVSS3: 7.8
CVSS2: 6.8
EPSS Низкий

Описание

A vulnerability in the JPEG image parsing module in DaView Indy, DaVa+, DaOffice softwares could allow an unauthenticated, remote attacker to cause an arbitrary code execution on an affected device.nThe vulnerability is due to a stack overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:hmtalk:daoffice:*:*:*:*:*:*:*:*
Версия до 8.995 (исключая)
cpe:2.3:a:hmtalk:dava\+:*:*:*:*:*:*:*:*
Версия до 8.995 (исключая)
cpe:2.3:a:hmtalk:daview_indy:*:*:*:*:*:*:*:*
Версия до 8.995 (исключая)
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 80%
0.01339
Низкий

7 High

CVSS3

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

github логотип

GHSA-grqg-fgw9-3xch

github
больше 3 лет назад

A vulnerability in the JPEG image parsing module in DaView Indy, DaVa+, DaOffice softwares could allow an unauthenticated, remote attacker to cause an arbitrary code execution on an affected device.nThe vulnerability is due to a stack overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device.

EPSS

Процентиль: 80%
0.01339
Низкий

7 High

CVSS3

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125