Описание
A Use-After-Free vulnerability in SLDPRT file reading procedure exists in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted SLDPRT file.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2021 (включая) до 2023 (включая)
cpe:2.3:a:3ds:3dexperience_solidworks:*:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.00052
Низкий
7.8 High
CVSS3
Дефекты
CWE-416
CWE-416
Связанные уязвимости
CVSS3: 7.8
github
больше 2 лет назад
A Use-After-Free vulnerability in SLDPRT file reading procedure exists in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted SLDPRT file.
EPSS
Процентиль: 16%
0.00052
Низкий
7.8 High
CVSS3
Дефекты
CWE-416
CWE-416