CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-7837

An issue was discovered in ML Report Program. There is a stack-based buffer overflow in function sub_41EAF0 at MLReportDeamon.exe. The function will call vsprintf without checking the length of strings in parameters given by attacker. And it finally leads to a stack-based buffer overflow via access to crafted web page. This issue affects: Infraware ML Report 2.19.312.0000.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.1%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 6.8

References

https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35849
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35849

Products affected by CVE-2020-7837

Polarisoffice » Polaris Ml Report » Version: N/A

cpe:2.3:a:polarisoffice:polaris_ml_report:-
Polarisoffice » Polaris Ml Report » Version: 2.18.723.6228

cpe:2.3:a:polarisoffice:polaris_ml_report:2.18.723.6228

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7837

Products

Pricing

Contact Us