← voltar
CVE-2024-3299

Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the SLDDRW and SLDPRT file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024

CVSS 7.8 HIGHEPSS 0.4%CWE-416CWE-787CWE-908
Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted SLDDRW or SLDPRT file. NOTE: this vulnerability was SPLIT from CVE-2024-1847.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Produtos afetados
Dassault Systèmes · eDrawings

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.3ds.com/vulnerability/advisories