Описание
An Out-of-bounds Read vulnerability exists in Open Design Alliance ODA Viewer before 2022.8. Crafted data in a DWF file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2022.8 (исключая)
cpe:2.3:a:opendesign:oda_viewer:*:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00414
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
github
больше 3 лет назад
An Out-of-bounds Read vulnerability exists in Open Design Alliance ODA Viewer before 2022.8. Crafted data in a DWF file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process
EPSS
Процентиль: 61%
0.00414
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-125