175 matches found
LibreCAD 代码问题漏洞
LibreCAD is an open source CAD Computer Aided Design application from the LibreCAD organization. A denial of service vulnerability in LibreCAD version 2.2.0, which originates from a null pointer dereference in the HATCH handling of libdxfrw, can be exploited by an attacker to crash the applicatio...
LibreCAD 安全漏洞
LibreCAD is an open source CAD Computer Aided Design application from the LibreCAD organization. A buffer overflow vulnerability exists in LibreCAD 2.2.0-rc3 and earlier versions, which originates when a networked system or product performs an operation in memory without properly validating data...
CVE-2021-45342
Summary: CVE-2021-45342 is a buffer overflow in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older that enables Remote Code Execution via a crafted JWW document. Affected versions: LibreCAD 2.2.0-rc3 and older (per multiple advisories). Impact: attacker can achieve RCE through a cr...
CVE-2021-45342
A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document...
CVE-2021-45341
A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document...
CVE-2021-45343
CVE-2021-45343 affects LibreCAD 2.2.0, where a NULL pointer dereference in the HATCH handling of libdxfrw can crash the application when processing a crafted DXF. The issue is rooted in the libdxfrw component used by LibreCAD, leading to a denial-of-service-style crash. Connected sources corrobor...
CVE-2021-45343
In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document...
CVE-2021-45342
A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document...
CVE-2021-45341
A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document...
librecad -- out-of-bounds read in importshp plugin
Albin Eldstål-Ahrens reports: An out-of-bounds read on a heap buffer in the importshp plugin may allow an attacker to read sensitive data via a crafted DBF file...
Remote Code Execution (RCE)
A code execution vulnerability exists in the dxfRW::processLType functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability...
Remote Code Execution (RCE)
librecad is vulnerable to remote code execution. The vulnerability exists due to a heap buffer overflow in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw allowing a specially-crafted .dwg file execute maliciously crafted script...
Remote Code Execution (RCE)
librecad is vulnerable to remote code execution. An attacker is able to exploit the vulnerability by injecting a specially-crafted .dwg file via dwgCompressor::decompress18 functionality of LibreCad libdxfrw which can lead to an out-of-bounds write...
The vulnerability of the `dwgCompressor :: copyCompBytes21` function in the `libdfxfw` library of the LibreCAD automated design system allows a attacker to execute arbitrary code.
The vulnerability of the dwgCompressor :: copyCompBytes21 function in the libdfxfw library of the LibreCAD automated design system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using...
The vulnerability of the dwgCompressor function in the libdfxfw library of the LibreCad automated design system allows a hacker to execute arbitrary code.
The vulnerability of the dwgCompressor function in the libdfxfw library of the LibreCAD automated design system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using a specially create...
Debian: Security Advisory (DLA-2838-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for librecad (FEDORA-2021-fa9e3c23f2)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for librecad (FEDORA-2021-67c946a9f3)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] [DLA 2838-1] librecad security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2838-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler December 03, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2838-1 : librecad - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2838 advisory. - A code execution vulnerability exists in the dwgCompressor::decompress18 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file...