10 matches found
Open Design Alliance Drawings SDK has an unspecified vulnerability (CNVD-2021-89162)
Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, Inc. The Open Design Alliance Drawings SDK contains a security vulnerability that results from an exception vulnerability in the sample The ODA Viewer continues to process...
CVE-2021-43276
An Out-of-bounds Read vulnerability exists in Open Design Alliance ODA Viewer before 2022.8. Crafted data in a DWF file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the...
CVE-2021-43272
An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process invalid or malicious DWF files instead of stopping upon an exception. An attacker can leverage this vulnerability to execute code in the...
CVE-2021-43272
An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process invalid or malicious DWF files instead of stopping upon an exception. An attacker can leverage this vulnerability to execute code in the...
Cross site scripting
An Out-of-bounds Read vulnerability exists in Open Design Alliance ODA Viewer before 2022.8. Crafted data in a DWF file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the...
Design/Logic Flaw
An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process invalid or malicious DWF files instead of stopping upon an exception. An attacker can leverage this vulnerability to execute code in the...
CVE-2021-43272
An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process invalid or malicious DWF files instead of stopping upon an exception. An attacker can leverage this vulnerability to execute code in the...
CVE-2021-43272
CVE-2021-43272 relates to Open Design Alliance ODAViewer: a parsing flaw in DWF handling that can lead to remote code execution. The ZDI advisories (ZDI-21-1358, ZDI-21-1360, ZDI-21-1363) describe a stack-based buffer overflow in the DWF file parser, caused by insufficient validation of the lengt...
CVE-2021-43276
The CVE-2021-43276 entry concerns Open Design Alliance ODA Viewer prior to 2022.8, which contains an Out-of-bounds Read issue in DWF file parsing that can trigger a read past the end of an allocated buffer. The vulnerability could allow an attacker to execute arbitrary code in the context of the ...
CVE-2021-43276
An Out-of-bounds Read vulnerability exists in Open Design Alliance ODA Viewer before 2022.8. Crafted data in a DWF file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the...