PT-2022-12326 · Librecad+3 · Librecad+3

Eldstal

Published

2019-08-13

Updated

2024-06-15

CVE-2021-45341

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions LibreCAD versions 2.2.0-rc3 and older

Description A buffer overflow vulnerability in CDataMoji of the jwwlib component allows an attacker to achieve Remote Code Execution using a crafted JWW document.

Recommendations For LibreCAD versions 2.2.0-rc3 and older, consider updating to a newer version to mitigate the risk of exploitation. As a temporary workaround, restrict the use of crafted JWW documents to minimize the risk of Remote Code Execution.

Exploit

Fix

RCE

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

ALT-PU-2019-2462

ALT-PU-2019-2467

CVE-2021-45341

DLA-2908-1

DSA-5077-1

MGASA-2022-0152

OPENSUSE-SU-2022:0143-1

OPENSUSE-SU-2022:10002-1

OPENSUSE-SU-2024:12082-1

USN-5957-1

Affected Products

Alt Linux

Librecad

Linuxmint

Ubuntu

PT-2022-12326 · Librecad+3 · Librecad+3

CVE-2021-45341

Weakness Enumeration

Related Identifiers

Affected Products

References · 41