Описание
A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.1.2-1ubuntu0.1 |
| devel | not-affected | 2.1.3-3 |
| esm-apps/bionic | released | 2.1.2-1ubuntu0.1~esm1 |
| esm-apps/focal | released | 2.1.3-1.2+deb10u1build0.20.04.1 |
| esm-apps/jammy | released | 2.1.3-3 |
| esm-apps/noble | not-affected | 2.1.3-3 |
| esm-apps/xenial | released | 2.0.9-2ubuntu0.1~esm1 |
| focal | released | 2.1.3-1.2+deb10u1build0.20.04.1 |
| hirsute | ignored | end of life |
| impish | ignored | end of life |
Показывать по
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
A code execution vulnerability exists in the dwgCompressor::decompress ...
A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
Уязвимость функции dwgCompressor :: decopress18() библиотеки libdfxfw системы автоматизированного проектирования работ LibreCad, позволяющая нарушителю выполнить произвольный код
6.8 Medium
CVSS2
8.8 High
CVSS3