Описание
Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF file.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2021 (включая) до 2023 (включая)
cpe:2.3:a:3ds:3dexperience_solidworks:*:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00047
Низкий
7.8 High
CVSS3
Дефекты
CWE-122
CWE-416
Связанные уязвимости
CVSS3: 7.8
github
больше 2 лет назад
Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF file.
EPSS
Процентиль: 14%
0.00047
Низкий
7.8 High
CVSS3
Дефекты
CWE-122
CWE-416