PT-2019-16050 · Gnu+1 · Gnu Libredwg+1

Linhlhq

Publicado

2019-12-27

Atualizado

2020-08-24

CVE-2019-20015

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions GNU LibreDWG version 0.92

Description An issue was discovered where crafted input leads to an attempted excessive memory allocation in the dwg decode LWPOLYLINE private function within dwg.spec.

Recommendations For GNU LibreDWG version 0.92, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Correção

Allocation of Resources Without Limits

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-770

Identificadores relacionados

CVE-2019-20015

OPENSUSE-SU-2020:0068-1

OPENSUSE-SU-2020:0095-1

OPENSUSE-SU-2020_0068-1

Produtos afetados

Gnu Libredwg

Suse

PT-2019-16050 · Gnu+1 · Gnu Libredwg+1

CVE-2019-20015

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 45