CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43272 – Open Design Alliance (ODA) ODAViewer DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43272
14 Nov 2021 — An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process invalid or malicious DWF files instead of stopping upon an exception. An attacker can leverage this vulnerability to execute code in the context of the current process. Una vulnerabilidad de manejo inapropiado de condiciones excepcionales es presentado en Open Design Alliance ODA Viewer sample versiones anteriores a 2022.11. ODA Viewer continúa procesa... • https://www.opendesign.com/security-advisories • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-43280 – Open Design Alliance (ODA) Drawings Explorer DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43280
14 Nov 2021 — A stack-based buffer overflow vulnerability exists in the DWF file reading procedure in Open Design Alliance Drawings SDK before 2022.8. The issue results from the lack of proper validation of the length of user-supplied data before copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Se presenta una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en el procedimiento de lectura de archivos DWF en Ope... • https://www.opendesign.com/security-advisories • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43390 – Open Design Alliance (ODA) ODAViewer DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43390
14 Nov 2021 — An Out-of-Bounds Write vulnerability exists when reading a DGN file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DGN files. Crafted data in a DGN file and lack of proper validation of input data can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Se presenta una vulnerabilidad de escritura fuera de límites cuando es leído un archivo DGN ... • https://www.opendesign.com/security-advisories • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43279 – Open Design Alliance (ODA) ODAViewer U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43279
14 Nov 2021 — An out-of-bounds write vulnerability exists in the U3D file reading procedure in Open Design Alliance PRC SDK before 2022.10. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Se presenta una vulnerabilidad de escritura fuera de límites en el procedimiento de lectura de archivos U3D en Open Design Alliance PRC SDK versiones anteriores a 20... • https://www.opendesign.com/security-advisories • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43273 – Open Design Alliance (ODA) Drawings Explorer DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-43273
14 Nov 2021 — An Out-of-bounds Read vulnerability exists in the DGN file reading procedure in Open Design Alliance Drawings SDK before 2022.11. Crafted data in a DGN file and lack of verification of input data can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Se presenta una vulnerabilidad de lectura fuera de límites en el procedimiento de lectura de archivos DGN en Open Design Alliance Drawings SDK versiones anterior... • https://www.opendesign.com/security-advisories • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-43336 – Siemens JT2Go DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43336
14 Nov 2021 — An Out-of-Bounds Write vulnerability exists when reading a DXF or DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DXF and DWG files. Crafted data in a DXF or DWG file (an invalid number of properties) can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Se presenta una vulnerabilidad de escritura fuera de límites cuando es leído un ... • https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43391 – Open Design Alliance (ODA) ODAViewer DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43391
14 Nov 2021 — An Out-of-Bounds Read vulnerability exists when reading a DXF file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DXF files. Crafted data in a DXF file (an invalid dash counter in line types) can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Se presenta una vulnerabilidad de lectura fuera de límites cuando es leído un archivo DXF usando Open Design... • https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43274 – Open Design Alliance (ODA) ODAViewer DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43274
10 Nov 2021 — A Use After Free Vulnerability exists in the Open Design Alliance Drawings SDK before 2022.11. The specific flaw exists within the parsing of DWF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Se presenta una vulnerabilidad de uso de memoria previamente liberada en Open Design Alliance Drawings ... • https://www.opendesign.com/security-advisories • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43275 – Open Design Alliance (ODA) ODAViewer DGN File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43275
10 Nov 2021 — A Use After Free vulnerability exists in the DGN file reading procedure in Open Design Alliance Drawings SDK before 2022.8. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Se presenta una vulnerabilidad de Uso de Memoria previamente Liberada en el procedimiento de lectura de archivos DGN en Open Design Alliance Drawings SDK versiones anteri... • https://www.opendesign.com/security-advisories • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43276 – Open Design Alliance (ODA) ODAViewer DWF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-43276
10 Nov 2021 — An Out-of-bounds Read vulnerability exists in Open Design Alliance ODA Viewer before 2022.8. Crafted data in a DWF file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process Se presenta una vulnerabilidad de lectura fuera de límites en Open Design Alliance ODA Viewer versiones anteriores a 2022.8. Los datos diseñados en un archivo DWF pueden desencadenar una lectura más a... • https://www.opendesign.com/security-advisories • CWE-125: Out-of-bounds Read •