PT-2023-31893 · Open Design Alliance · Open Design Alliance Drawings Sdk

Seyit Sığırcı

Published

2023-11-07

Updated

2023-11-14

CVE-2023-5179

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Open Design Alliance Drawings SDK versions prior to 2024.10

Description An issue in the Open Design Alliance Drawings SDK allows attackers to cause a crash or potentially enable code execution through a denial-of-service attack. This occurs when a corrupted value for the start of a MiniFat sector in a crafted DGN file leads to an out-of-bounds read.

Recommendations For versions prior to 2024.10, update to version 2024.10 or later to resolve the issue.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2023-5179

Affected Products

Open Design Alliance Drawings Sdk

PT-2023-31893 · Open Design Alliance · Open Design Alliance Drawings Sdk

CVE-2023-5179

Weakness Enumeration

Related Identifiers

Affected Products

References · 3