CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2023-44430 – Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-44430
08 Jan 2024 — Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. • https://www.bentley.com/advisories/be-2022-0019 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2022-43651 – Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-43651
31 Mar 2023 — Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. • https://www.zerodayinitiative.com/advisories/ZDI-23-346 • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43652 – Bentley View SKP File Parsing Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-43652
31 Mar 2023 — Bentley View SKP File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. • https://www.zerodayinitiative.com/advisories/ZDI-23-347 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43653 – Bentley View SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-43653
31 Mar 2023 — Bentley View SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. Crafted data in an SKP file can trigger a write past the end of an allocated buffer. • https://www.zerodayinitiative.com/advisories/ZDI-23-348 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2022-43655 – Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-43655
31 Mar 2023 — Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fi... • https://www.zerodayinitiative.com/advisories/ZDI-23-344 • CWE-122: Heap-based Buffer Overflow •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43656 – Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-43656
31 Mar 2023 — Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. Crafted data in an FBX file can trigger a read past the end of an allocated buffer. • https://www.zerodayinitiative.com/advisories/ZDI-23-345 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-42899
https://notcve.org/view.php?id=CVE-2022-42899
13 Oct 2022 — Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds read and stack overflow issues when opening crafted SKP files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View. Las aplicaciones de Bentley MicroStation y las basadas en MicroStation pueden verse afectadas por problemas de lectura fuera de límites y desbordamiento de pila cuando son abiertos archivos ... • https://github.com/iamsanjay/CVE-2022-42899 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42900
https://notcve.org/view.php?id=CVE-2022-42900
13 Oct 2022 — Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds read issues when opening crafted FBX files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View. Las aplicaciones de Bentley MicroStation y basadas en MicroStation pueden verse afectadas por problemas de lectura fuera de límites cuando abren archivos FBX diseñados. La explotación de estos problemas podría... • https://www.bentley.com/legal/common-vulnerability-exposure-be-2022-0019 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42901
https://notcve.org/view.php?id=CVE-2022-42901
13 Oct 2022 — Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds and stack overflow issues when opening crafted XMT files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View. Las aplicaciones de Bentley MicroStation y las basadas en MicroStation pueden verse afectadas por problemas de desbordamiento de pila y fuera de límites cuando abren archivos XMT diseñados. La ex... • https://www.bentley.com/legal/common-vulnerability-exposure-be-2022-0018 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-35906
https://notcve.org/view.php?id=CVE-2022-35906
15 Jul 2022 — An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a DGN file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of DGN files could enable an attacker to read information in the context of the current process. Se ha detectado un problema en Bentley MicroStation versiones anteriores a 10.17.0.x y en Bentley View ver... • https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0011 • CWE-125: Out-of-bounds Read •