본문내용 바로가기 메인메뉴 바로가기 하단내용 바로가기

Security Advisory

Security Advisory Detail
CVE-2020-7818 | DaviewIndy Heap Overflow Vulnerability2020.07.17
□ Overview
 o HumanTalk Co,Ltd release security update to address a multiple overflow vulnerability.
Vulnerability Type Impact Severity CVSS Score CVE ID
Heap Overflow Code Execution High 7.8 CVE-2020-7818



□ Description
 o DaviewIndy has a Heap-based overflow vulnerability, triggered when the user opens a malformed PDF file

    that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. (CVE-2020-7818)

□ Affected Product
 

Product Version Platform
DaviewIndy 8.98.9 or lower Windows

□ Solution
 o Update software over DaviewIndy 8.99.2 0version or higher.

□ Solution
 o Thanks for Namjun-Jo for reporting this vulenrability.

□ Reference
 [1] https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35521

□ 작성 : 침해사고분석단 취약점분석팀