PT-2021-23792 · Open Design Alliance · Oda Viewer
Mat Powell · Published 2021-11-14 · Updated 2021-12-06 · CVE-2021-43272
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Open Design Alliance ODA Viewer versions prior to 2022.11
Description
The ODA Viewer sample improperly handles exceptional conditions. When the viewer encounters an invalid or malicious DWF file, it continues processing the file instead of stopping when an exception occurs. An attacker can leverage this issue to execute code in the context of the current process.
Recommendations
For versions prior to 2022.11, update to version 2022.11 or later to resolve the issue. As a temporary workaround, consider restricting the processing of DWF files from untrusted sources until a patch is available.
Fix
Improper Handling of Exceptional Conditions
Affected Products
Oda Viewer