{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T07:11:27.111","vulnerabilities":[{"cve":{"id":"CVE-2019-9135","sourceIdentifier":"vuln@krcert.or.kr","published":"2019-04-25T17:29:00.923","lastModified":"2024-11-21T04:51:03.150","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vulnerability, triggered when the user opens a malformed DIB format file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution."},{"lang":"es","value":"DaviewIndy 8.98.7 y versiones anteriores tienen una vulnerabilidad de desbordamiento de memoria dinámica (heap), que se activa cuando el usuario abre un archivo DIB malformado que Daview.exe no maneja correctamente. Los atacantes podrían explotar esto y ejecutar código arbitrario."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"vuln@krcert.or.kr","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"vuln@krcert.or.kr","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:datools:daviewindy:*:*:*:*:*:*:*:*","versionEndIncluding":"8.98.7","matchCriteriaId":"EC0BE008-9E49-4173-B5CE-F0BE4D3AC189"}]}]}],"references":[{"url":"https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=34995","source":"vuln@krcert.or.kr","tags":["Third Party Advisory"]},{"url":"https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=34995","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}