PT-2018-2258 · Open Design Alliance+1 · Open Design Alliance Drawings SDK+1
Published 2018-10-16 · Updated 2020-08-24 · CVE-2018-18224
CVSS v2.0: 8.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Open Design Alliance Drawings SDK version 2019Update1
Oracle Outside In Technology SDK (affected versions not specified)
Description
A vulnerability exists in the file reading procedure of Open Design Alliance Drawings SDK. It allows attackers to perform read operations past the end or before the beginning of the intended buffer, potentially obtaining sensitive information from process memory or causing a crash. Additionally, a vulnerability in the Outside In Filters component of Oracle Outside In Technology is related to inadequate access control. A remote attacker can exploit it over the HTTP protocol to gain unauthorized access to data or cause a denial of service.
Recommendations
For Open Design Alliance Drawings SDK version 2019Update1, consider restricting access to sensitive files and data to minimize the risk of exploitation.
For Oracle Outside In Technology SDK, restrict access to the Outside In Filters component to minimize the risk of unauthorized access or denial of service.
As a temporary workaround, consider disabling the file reading procedure in Open Design Alliance Drawings SDK until a patch is available.
Avoid using the HTTP protocol to access sensitive data in Oracle Outside In Technology SDK until the issue is resolved.
Fix
Improper Access Control
Out of bounds Read
Related Identifiers
Affected Products
Open Design Alliance Drawings SDK
Oracle Outside In Technology