Lucene search

Veracode Vulnerability DatabaseVERACODE:45039

HistoryJan 13, 2024 - 5:59 p.m.

Buffer Overflow

2024-01-1317:59:37

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

buffer overflow

vulnerability

unauthorized access

dbf file

sensitive information

record length

librecad

sid

software

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.9%

JSON

librecad:sid is vulnerable to buffer overflow. The vulnerability due to get the Unauthorized access for DBF file. It allow an attacker get access could extract the sensitive information and changes the record length.

CPENameOperatorVersion
librecad:sideq2.1.3-1.2
librecad:sideq2.1.3-1.2

CPE	Name	Operator	Version
	librecad:sid	eq	2.1.3-1.2
	librecad:sid	eq	2.1.3-1.2

References

github.com/LibreCAD/LibreCAD/issues/1481

security-tracker.debian.org/tracker/CVE-2023-30259

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.9%

JSON

Related for VERACODE:45039