CVE-2021-25178
published 2021-01-18CVE-2021-25178: An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A stack-based buffer overflow vulnerability exists when the recover operation is…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A stack-based buffer overflow vulnerability exists when the recover operation is run with malformed .DXF and .DWG files. This can allow attackers to cause a crash potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opendesign | drawings_software_development_kit | < 2021.11 | 2021.11 |
| siemens | comos | < 10.4.1 | 10.4.1 |
| siemens | jt2go | < 13.1.0.1 | 13.1.0.1 |
| siemens | teamcenter_visualization | < 13.1.0.1 | 13.1.0.1 |