Opendesign: >> Drawings Sdk >> 2023.6 Security Vulnerabilities
An issue was discovered in Open Design Alliance
Drawings SDK before 2024.12. A corrupted value of number
of sectors used by the Fat structure in a crafted DGN file leads to an
out-of-bounds write. An attacker can leverage this vulnerability to execute
code in the context of the current process.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-12-26
An issue was discovered in Open Design Alliance Drawings SDK before 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-07
An issue was discovered in Open Design Alliance Drawings SDK before 2024.1. A crafted DWG file can force the SDK to reuse an object that has been freed. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-04-10