An issue was discovered in ML Report Program. There is a stack-based buffer overflow in function sub_41EAF0 at MLReportDeamon.exe. The function will call vsprintf without checking the length of strings in parameters given by attacker. And it finally leads to a stack-based buffer overflow via access to crafted web page. This issue affects: Infraware ML Report 2.19.312.0000.
References
Link | Resource |
---|---|
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35849 | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2020-12-16 17:15
Updated : 2024-02-28 18:08
NVD link : CVE-2020-7837
Mitre link : CVE-2020-7837
CVE.ORG link : CVE-2020-7837
JSON object : View
Products Affected
polarisoffice
- polaris_ml_report