Cross site scripting

2021-11-1421:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

31.7%

JSON

An Out-of-Bounds Write vulnerability exists when reading a DXF or DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DXF and DWG files. Crafted data in a DXF or DWG file (an invalid number of properties) can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.

CPENameOperatorVersion
drawings_software_development_kitlt2022.11
solid_edgeeq2022.0.0-se
teamcenter_visualizationeq13.1.0
teamcenter_visualizationge13.2.0
teamcenter_visualizationlt13.3.0.1
teamcenter_visualizationge12.4.0
teamcenter_visualizationlt12.4.0.13

Name	Operator	Version
drawings_software_development_kit	lt	2022.11
solid_edge	eq	2022.0.0-se
teamcenter_visualization	eq	13.1.0
teamcenter_visualization	ge	13.2.0
teamcenter_visualization	lt	13.3.0.1
teamcenter_visualization	ge	12.4.0
teamcenter_visualization	lt	12.4.0.13