HIGH🇬🇧 English

CVE-2021-43276

CVSS 7.8v3.1pub. 2021-11-14upd. 2024-11-21

An Out-of-bounds Read vulnerability exists in Open Design Alliance ODA Viewer before 2022.8. Crafted data in a DWF file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Opendesign Oda Viewer

    APP
    Opendesign
    < 2022.8
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEMemory
CWE
Referencje

Powiązane podatności

CVE-2021-43272CRITICAL9.8ten sam produkt

An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample ...

CVE-2023-5180HIGH7.8ten sam vendor

An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of se...

CVE-2023-5179HIGH7.8ten sam vendor

An issue was discovered in Open Design Alliance Drawings SDK before 2024.10. A corrupted value for the start o...

CVE-2023-22669HIGH7.8ten sam vendor

Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length ...

CVE-2023-22670HIGH7.8ten sam vendor

A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK bef...