Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Open Design Alliance Drawings SDK before 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
跨界内存读
Vulnerability Title
Open Design Alliance Drawings SDK 缓冲区错误漏洞
Vulnerability Description
Open Design Alliance Drawings SDK是美国Open Design Alliance公司的一款应用于图纸设计的软件开发包。该开发包通过方便的,面向对象的API访问.dwg和.dgn中的数据,提供C++API、支持修复文件、.NET,JAVA,Python开发语言的支持等功能。 Open Design Alliance Drawings SDK 2024.10 之前版本存在缓冲区错误漏洞,该漏洞源于精心设计的 DGN 文件中 MiniFat 扇区起始值的损坏会导致越界读取,攻击者
CVSS Information
N/A
Vulnerability Type
N/A