all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-24-250: Dassault Systèmes eDrawings DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Add to bookmarks
March 8, 2024, 6 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

arbitrary code attackers code code execution cvss dassault systèmes exploit file malicious out-of-bounds out-of-bounds write page parsing rating remote code remote code execution target vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-439: Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
arbitrary code attackers bluetooth code +20
ZDI-24-438: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16
ZDI-24-437: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +15
ZDI-24-436: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16
ZDI-24-435: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +15
ZDI-24-434: Dassault Systèmes eDrawings Viewer SAT File Parsing Uninitialized Variable Remote Code Execution Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16
ZDI-24-433: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16
ZDI-24-432: Dassault Systèmes eDrawings Viewer JT File Parsing Memory Corruption Remote Code Execution Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +17
ZDI-24-431: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Associate Director Cyber Engineering

@ KBR, Inc. | CO102: 16800 E Centretech Pkwy,Aurora 16800 East Centretech Pkwy Building S75, Aurora, CO, 80011 USA
View on infosec-jobs.com

Application Security Engineering Manager - Security Operations (Boston)

@ Klaviyo | Boston, MA
View on infosec-jobs.com

Azure Security DevOps Engineer

@ Global Payments | North Carolina - Remote
View on infosec-jobs.com

Senior IT Planning Analyst - Cybersecurity PMO

@ Pacific Gas and Electric Company | Oakland, CA, US, 94612
View on infosec-jobs.com

Principal Business Value Consultant

@ Palo Alto Networks | Chicago, IL, United States
View on infosec-jobs.com

Sr. Specialist - Cyber Defence Operations

@ Diageo | Bengaluru Karle Town SEZ
View on infosec-jobs.com
View more jobs