Vulnerability Details CVE-2023-5179
An issue was discovered in Open Design Alliance Drawings SDK before 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.3%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2023-5179
-
cpe:2.3:a:opendesign:drawings_sdk:-
-
cpe:2.3:a:opendesign:drawings_sdk:2019
-
cpe:2.3:a:opendesign:drawings_sdk:2021.11
-
cpe:2.3:a:opendesign:drawings_sdk:2021.12
-
cpe:2.3:a:opendesign:drawings_sdk:2022.11
-
cpe:2.3:a:opendesign:drawings_sdk:2022.12
-
cpe:2.3:a:opendesign:drawings_sdk:2023.2
-
cpe:2.3:a:opendesign:drawings_sdk:2023.6
-
cpe:2.3:a:opendesign:drawings_sdk:2024.1