Vulnerabilities > CVE-2020-7870 - Out-of-bounds Write vulnerability in Unidocs Ezpdf Editor and Ezpdf Reader

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

unidocs

CWE-787

NVD

Published: 2021-06-29

Updated: 2024-11-21

Summary

A memory corruption vulnerability exists when ezPDF improperly handles the parameter. This vulnerability exists due to insufficient validation of the parameter.

Vulnerable Configurations

Part	Description	Count
Application	Unidocs Unidocs Ezpdf Reader - Unidocs Ezpdf Reader 3.0.0.1 Unidocs Ezpdf Editor - Unidocs Ezpdf Editor 3.0.6.4	4

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36099
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36099