PT-2023-31893 · Open Design Alliance · Open Design Alliance Drawings Sdk

Seyit Sığırcı

Publicado

2023-11-07

Atualizado

2023-11-14

CVE-2023-5179

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Open Design Alliance Drawings SDK versions prior to 2024.10

Description An issue in the Open Design Alliance Drawings SDK allows attackers to cause a crash or potentially enable code execution through a denial-of-service attack. This occurs when a corrupted value for the start of a MiniFat sector in a crafted DGN file leads to an out-of-bounds read.

Recommendations For versions prior to 2024.10, update to version 2024.10 or later to resolve the issue.

Correção

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

CVE-2023-5179

Produtos afetados

Open Design Alliance Drawings Sdk

PT-2023-31893 · Open Design Alliance · Open Design Alliance Drawings Sdk

CVE-2023-5179

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3