Описание
An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process invalid or malicious DWF files instead of stopping upon an exception. An attacker can leverage this vulnerability to execute code in the context of the current process.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 2022.11 (исключая)
cpe:2.3:a:opendesign:oda_viewer:*:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00729
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-755
Связанные уязвимости
github
больше 3 лет назад
An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process invalid or malicious DWF files instead of stopping upon an exception. An attacker can leverage this vulnerability to execute code in the context of the current process.
EPSS
Процентиль: 72%
0.00729
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-755