CVE-2020-7837

Summary

An issue was discovered in ML Report Program. There is a stack-based buffer overflow in function sub_41EAF0 at MLReportDeamon.exe. The function will call vsprintf without checking the length of strings in parameters given by attacker. And it finally leads to a stack-based buffer overflow via access to crafted web page. This issue affects: Infraware ML Report 2.19.312.0000.

Affected Software

VendorProductVersion RangeStatus
InfrawareML Report2.19.312.0000affected

Weaknesses

  • CWE-121: CWE-121 Stack-based Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References