CVE-2021-44859

Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2022.12

Description: An out-of-bounds read issue exists when reading a TGA file using the affected software. The specific issue occurs after loading TGA files, where unchecked input data from a crafted TGA file leads to an out-of-bounds read. An attacker can leverage this issue to execute code in the context of the current process.

Recommendations: For versions prior to 2022.12, consider updating to a version 2022.12 or later to resolve the issue. As a temporary workaround, restrict the loading of TGA files or ensure that all TGA files come from trusted sources to minimize the risk of exploitation.