Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of service condition or read sensitive information from memory.
CVSS Information
N/A
Vulnerability Type
跨界内存读
Vulnerability Title
Open Design Alliance Drawings SDK 缓冲区错误漏洞
Vulnerability Description
Open Design Alliance Drawings SDK是美国Open Design Alliance公司的一款应用于图纸设计的软件开发包。该开发包通过方便的,面向对象的API访问.dwg和.dgn中的数据,提供C++API、支持修复文件、.NET,JAVA,Python开发语言的支持等功能。 Drawings SDK 存在缓冲区错误漏洞,该漏洞源于一个边界条件。攻击者可利用该漏洞创建一个专门制作的DWG文件,诱骗受害者打开它,触发越界读取错误并读取系统上的内存内容,或引发拒绝服务(DoS)攻击
CVSS Information
N/A
Vulnerability Type
N/A