Lucene search

JpcertCVE-2015-2946

HistoryMay 25, 2015 - 7:59 p.m.

CVE-2015-2946

2015-05-2519:59:03

CWE-119

jpcert

web.nvd.nist.gov

cve-2015-2946

stack-based buffer overflow

open cad format council

sxf common library

remote code execution

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.2

Confidence

High

EPSS

0.064

Percentile

93.7%

JSON

Stack-based buffer overflow in the Open CAD Format Council SXF common library before 3.30 allows remote attackers to execute arbitrary code via a crafted CAD file.

Affected configurations

Nvd

Node

ocfsxf_common_libraryRange≤3.21

VendorProductVersionCPE
ocfsxf_common_library*cpe:2.3:a:ocf:sxf_common_library:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ocf	sxf_common_library	*	cpe:2.3:a:ocf:sxf_common_library::::::::

References

jvn.jp/en/jp/JVN93976566/995630/index.html

jvn.jp/en/jp/JVN93976566/index.html

jvndb.jvn.jp/jvndb/JVNDB-2015-000068

www.ocf.or.jp/top/topix/027.shtml

www.securityfocus.com/bid/74781

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.2

Confidence

High

EPSS

0.064

Percentile

93.7%

JSON

Related for CVE-2015-2946