A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | cloudcompare | < 2.11.3-7.1 | cloudcompare_2.11.3-7.1_all.deb |
Debian | 11 | all | cloudcompare | <= 2.10.3-4 | cloudcompare_2.10.3-4_all.deb |
Debian | 10 | all | cloudcompare | <= 2.10.1-2 | cloudcompare_2.10.1-2_all.deb |
Debian | 999 | all | cloudcompare | < 2.11.3-7.1 | cloudcompare_2.11.3-7.1_all.deb |
Debian | 13 | all | cloudcompare | < 2.11.3-7.1 | cloudcompare_2.11.3-7.1_all.deb |
Debian | 12 | all | dxflib | < 3.26.4-1 | dxflib_3.26.4-1_all.deb |
Debian | 11 | all | dxflib | <= 3.17.0-3 | dxflib_3.17.0-3_all.deb |
Debian | 10 | all | dxflib | <= 3.17.0-3 | dxflib_3.17.0-3_all.deb |
Debian | 999 | all | dxflib | < 3.26.4-1 | dxflib_3.26.4-1_all.deb |
Debian | 13 | all | dxflib | < 3.26.4-1 | dxflib_3.26.4-1_all.deb |