An Out-of-Bounds Write vulnerability exists when reading a DGN file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DGN files. Crafted data in a DGN file and lack of proper validation of input data can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Advisories
Source ID Title
EUVD EUVD EUVD-2021-30325 An Out-of-Bounds Write vulnerability exists when reading a DGN file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DGN files. Crafted data in a DGN file and lack of proper validation of input data can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-04T03:55:28.615Z

Reserved: 2021-11-04T00:00:00

Link: CVE-2021-43390

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-11-14T21:15:08.310

Modified: 2024-11-21T06:29:08.537

Link: CVE-2021-43390

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.