CVE-2024-8894

Dec. 4, 2024, 12:15 p.m.

None
No Score

Description

Out-of-bounds Write vulnerability was discovered in Open Design Alliance Drawings SDK before 2025.10. Reading crafted DWF file and missing proper checks on received SectionIterator data can trigger an unhandled exception. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.

Product(s) Impacted

Product Versions
Open Design Alliance Drawings SDK
  • before 2025.10

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References

https://www.opendesign.com/security-advisories

Tags

CWE-787
2024-12-04
CVE-2024-8894
8a9629cb-c5e7-4d2a-a894-111e8039b7ea

Timeline

Published: Dec. 4, 2024, 12:15 p.m.
Last Modified: Dec. 4, 2024, 12:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

8a9629cb-c5e7-4d2a-a894-111e8039b7ea

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.