An issue was discovered in Open Design Alliance Drawings SDK before 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.
References
Link | Resource |
---|---|
https://www.opendesign.com/security-advisories | Vendor Advisory |
https://www.opendesign.com/security-advisories | Vendor Advisory |
Configurations
History
21 Nov 2024, 08:41
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.opendesign.com/security-advisories - Vendor Advisory |
14 Nov 2023, 21:29
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-125 | |
References | () https://www.opendesign.com/security-advisories - Vendor Advisory | |
CPE | cpe:2.3:a:opendesign:drawings_sdk:*:*:*:*:*:*:*:* | |
First Time |
Opendesign drawings Sdk
Opendesign |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
07 Nov 2023, 16:17
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-07 16:15
Updated : 2024-11-21 08:41
NVD link : CVE-2023-5179
Mitre link : CVE-2023-5179
CVE.ORG link : CVE-2023-5179
JSON object : View
Products Affected
opendesign
- drawings_sdk
CWE
CWE-125
Out-of-bounds Read