CVE-2020-7374

Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit this vulnerability to trigger a buffer overflow on the stack and gain remote code execution as the user running the Documalis Free PDF Editor or Documalis Free PDF Scanner software.
References
Link Resource
https://github.com/rapid7/metasploit-framework/pull/13517 Exploit Issue Tracking Patch Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:documalis:free_pdf_editor:5.7.2.26:*:*:*:*:*:*:*
cpe:2.3:a:documalis:free_pdf_scanner:5.7.2.122:*:*:*:*:*:*:*

Information

Published : 2020-08-12 11:15

Updated : 2020-08-19 06:07


NVD link : CVE-2020-7374

Mitre link : CVE-2020-7374


JSON object : View

CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Advertisement

dedicated server usa

Products Affected

documalis

  • free_pdf_scanner
  • free_pdf_editor