PT-2023-6597 · Mentor Graphics · Xpedition Layout Browser

Published

2023-10-10

Updated

2023-10-16

CVE-2023-30900

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Xpedition Layout Browser versions prior to VX.2.14

Description A stack overflow vulnerability has been identified in the affected application when parsing a PCB file. This issue can be leveraged by an attacker to execute code in the context of the current process.

Recommendations For versions prior to VX.2.14, update to version VX.2.14 or later to resolve the issue. As a temporary workaround, consider restricting the parsing of PCB files from untrusted sources until a patch is applied.

Fix

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

BDU:2023-07363

CVE-2023-30900

Affected Products

Xpedition Layout Browser

PT-2023-6597 · Mentor Graphics · Xpedition Layout Browser

CVE-2023-30900

Weakness Enumeration

Related Identifiers

Affected Products

References · 5