CVE-2024-8894
Dec. 4, 2024, 12:15 p.m.
Tags
Product(s) Impacted
Open Design Alliance Drawings SDK
- before 2025.10
Description
Out-of-bounds Write vulnerability was discovered in Open Design Alliance Drawings SDK before 2025.10. Reading crafted DWF file and missing proper checks on received SectionIterator data can trigger an unhandled exception. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.
Weaknesses
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
CWE ID: 787Date
Published: Dec. 4, 2024, 12:15 p.m.
Last Modified: Dec. 4, 2024, 12:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
8a9629cb-c5e7-4d2a-a894-111e8039b7ea
References
https://www.opendesign.com/
8a9629cb-c5e7-4d2a-a894-111e8039b7ea