Vulnerability Details CVE-2018-18224
A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.8%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 5.8
References
- http://www.securityfocus.com/bid/105603
- https://www.opendesign.com/security-advisories
- https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- http://www.securityfocus.com/bid/105603
- https://www.opendesign.com/security-advisories
- https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
Products affected by CVE-2018-18224
-
cpe:2.3:a:opendesign:drawings_sdk:2019
-
cpe:2.3:a:oracle:outside_in_technology:8.5.3
-
cpe:2.3:a:oracle:outside_in_technology:8.5.4