{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T16:45:25.377","vulnerabilities":[{"cve":{"id":"CVE-2019-9138","sourceIdentifier":"vuln@krcert.or.kr","published":"2019-04-25T18:29:01.490","lastModified":"2026-06-17T02:43:08.020","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PhotoShop file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution."},{"lang":"es","value":"DaviewIndy 8.98.7 y versiones anteriores tienen una vulnerabilidad de desbordamiento de números enteros, que se activa cuando el usuario abre un archivo PhotoShop malformado que Daview.exe no maneja correctamente. Los atacantes podrían explotar esto y ejecutar código arbitrario."}],"affected":[{"source":"vuln@krcert.or.kr","affectedData":[{"vendor":"HumanTalk Co,Ltd","product":"DaviewIndy","versions":[{"version":"fixed in 8.98.8","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"vuln@krcert.or.kr","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"vuln@krcert.or.kr","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:datools:daviewindy:*:*:*:*:*:*:*:*","versionEndIncluding":"8.98.7","matchCriteriaId":"EC0BE008-9E49-4173-B5CE-F0BE4D3AC189"}]}]}],"references":[{"url":"https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=34995","source":"vuln@krcert.or.kr","tags":["Third Party Advisory"]},{"url":"https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=34995","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}