CVE-2020-7822

Summary

DaviewIndy has a Heap-based overflow vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
HumanTalk Co,LtdDaviewIndyunspecified <= 8.98.7affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References