본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2020-7837 | Infraware ML Report Stack Overflow Vulnerability2020.12.16
□ Overview
 o Infraware released security update to address buffer overflow vulnerability in ML Report.
Vulnerability Type Impact Severity CVSS Score CVE ID
Buffer overflow Code execution High 7.5 CVE-2020-7837
 
□ Description
 o ML Report contains a stack-based buffer overflow vulnerability caused by improper bound checking parameter given by attack. It finally leads to a stack-based buffer overflow via access to crafted web page.
 
□ Affected Product
Product Version
ML Report 2.18.723.6228 and prior
 
□ Solution
 o Update software over ML Report 2.19.312.0000 version
 
□ Reference site
[1] https://www.polarisoffice.com/ko/print
 
□ Acknowledgements
 o Thanks to Jongsub Park for reporting this vulnerability
 



□ 작성 : 침해사고분석단 취약점분석팀