CVE-2020-7827

Summary

DaviewIndy 8.98.7 and earlier version contain Use-After-Free vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
HumanTalkDavieIndy8.98.7 <= 8.98.8affected

Weaknesses

  • CWE-416: CWE-416 Use After Free

ADP Enrichment

CVE Program Container

Additional References

References