Описание
A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability.
Ссылки
- Mailing ListThird Party Advisory
- Broken LinkExploitThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Broken LinkExploitThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
8.8 High
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability.
A code execution vulnerability exists in the dxfRW::processLType() fun ...
A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability.
Уязвимость функции dxfRW :: processLType () библиотеки libdfxfw системы автоматизированного проектирования работ LibreCad, позволяющая нарушителю выполнить произвольный код
EPSS
8.8 High
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2