PT-2019-19383 · Daview · Daviewindy
Published
2019-04-25
·
Updated
2022-10-08
·
CVE-2019-9139
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
DaviewIndy versions 8.98.7 and earlier
Description
The issue is triggered when a user opens a malformed PDF file that is mishandled by Daview.exe, leading to an integer overflow. This could allow attackers to exploit the issue and achieve arbitrary code execution.
Recommendations
For versions 8.98.7 and earlier, update to a version that contains a fix for this issue to prevent exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Daviewindy