A Use-After-Free vulnerability in SLDPRT file reading procedure exists in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted SLDPRT file.
References
Link | Resource |
---|---|
https://www.3ds.com/vulnerability/advisories | Vendor Advisory |
Configurations
History
20 Jul 2023, 01:49
Type | Values Removed | Values Added |
---|---|---|
First Time |
3ds
3ds 3dexperience Solidworks |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | (MISC) https://www.3ds.com/vulnerability/advisories - Vendor Advisory | |
CWE | CWE-416 | |
CPE | cpe:2.3:a:3ds:3dexperience_solidworks:*:*:*:*:*:*:*:* |
12 Jul 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-12 08:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-2762
Mitre link : CVE-2023-2762
CVE.ORG link : CVE-2023-2762
JSON object : View
Products Affected
3ds
- 3dexperience_solidworks
CWE
CWE-416
Use After Free