Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple vulnerabilities exist in file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024
Vulnerability Description
Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, DWG, DXF, IPT, JT, SAT, SLDDRW, SLDPRT, STL, STP, X_B or X_T file.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
释放后使用
Vulnerability Title
SolidWorks 安全漏洞
Vulnerability Description
SolidWorks是SolidWorks公司的一个运行在微软Windows平台下的三维CAD软件。 SolidWorks 2024 版本存在安全漏洞,该漏洞源于允许攻击者在打开特制的 CATPART、DWG、DXF、IPT、JT、SAT、SLDDRW、SLDPRT、STL、STP、X_B 或 X_T 文件时执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A