Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRapid7CVELIST:CVE-2020-7374
HistoryAug 12, 2020 - 5:25 p.m.

CVE-2020-7374 Documalis Free PDF Editor / Free PDF Scanner Stack Based Buffer Overflow

2020-08-1217:25:17
CWE-120
rapid7
www.cve.org
3

CVSS3

5.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

EPSS

0.003

Percentile

71.4%

JSON

Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit this vulnerability to trigger a buffer overflow on the stack and gain remote code execution as the user running the Documalis Free PDF Editor or Documalis Free PDF Scanner software.

CNA Affected

[
  {
    "product": "Free PDF Editor",
    "vendor": "Documalis",
    "versions": [
      {
        "status": "affected",
        "version": "5.7.2.26"
      }
    ]
  },
  {
    "product": "Free PDF Scanner",
    "vendor": "Documalis",
    "versions": [
      {
        "status": "affected",
        "version": "5.7.2.122"
      }
    ]
  }
]

Related

cve 1
prion 1
nvd 1
cve
cve
CVE-2020-7374
2020-08-12 18:15:18
prion
prion
Buffer overflow
2020-08-12 18:15:00
nvd
nvd
CVE-2020-7374
2020-08-12 18:15:18

CVSS3

5.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

EPSS

0.003

Percentile

71.4%

JSON
Related for CVELIST:CVE-2020-7374
cve1prion1nvd1