Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, Inc. The development package provides access to data in .dwg and .dgn through a convenient, object-oriented API that provides a C API, support for repair files, support for the . A stack-based buffer overflow vulnerability exists in the DWF file read process. The issue is caused by a lack of proper validation of the length of user-supplied data before it is copied into a stack-based buffer. An attacker could exploit this vulnerability to execute code in the context of the current process.