all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-23-129: Open Design Alliance (ODA) Drawing SDK DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Add to bookmarks
Feb. 9, 2023, 6 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance (ODA) Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

alliance arbitrary code attackers code code execution design drawing dwg exploit file malicious out-of-bounds out-of-bounds write page parsing remote code remote code execution sdk target vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-440: Delta Electronics InfraSuite Device Master ActiveMQ Deserialization of Untrusted Data Remote Code Execution Vulnerability 15 hours ago | www.zerodayinitiative.com
activemq arbitrary code attackers authentication +20
ZDI-24-441: Delta Electronics CNCSoft-B DOPSoft Uncontrolled Search Path Remote Code Execution Vulnerability 15 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +17
ZDI-24-439: Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability 4 days, 15 hours ago | www.zerodayinitiative.com
arbitrary code attackers bluetooth code +20
ZDI-24-438: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 4 days, 15 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16
ZDI-24-437: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability 4 days, 15 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +15
ZDI-24-436: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 4 days, 15 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16
ZDI-24-435: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability 4 days, 15 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +15
ZDI-24-434: Dassault Systèmes eDrawings Viewer SAT File Parsing Uninitialized Variable Remote Code Execution Vulnerability 4 days, 15 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16
ZDI-24-433: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 4 days, 15 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

IT Security Associate

@ EcoVadis | Barcelona, Spain
View on infosec-jobs.com

Cyber Security w/ Clearance - Alabama

@ Rothe | Huntsville, AL, United States
View on infosec-jobs.com

Manager - Cyber Security

@ Adani Group | AHMEDABAD, GUJARAT, India
View on infosec-jobs.com

Security Architect

@ Wix | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Technical Support Engineer - Cyber Security

@ Microsoft | Taipei, Taipei City, Taiwan
View on infosec-jobs.com
View more jobs