CVE-2023-5180

Summary

An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process.

Affected Software

VendorProductVersion RangeStatus
Open Design AllianceODA Drawings SDK - All Versions < 2024.120 < 2024.12affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CVE Program Container

Additional References

References