A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 May 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Nov 2022, 20:41
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CPE | cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
28 Feb 2022, 15:26
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
|
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5077 - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUMH3CWGVSMR2UIZEA35Q5UB7PDVVVYS/ - Mailing List, Third Party Advisory |
16 Feb 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Feb 2022, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 Jan 2022, 14:54
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/LibreCAD/LibreCAD/issues/1462 - Exploit, Issue Tracking, Third Party Advisory | |
CPE | cpe:2.3:a:librecad:librecad:2.2.0:rc1:*:*:*:*:*:* cpe:2.3:a:librecad:librecad:2.2.0:rc2:*:*:*:*:*:* cpe:2.3:a:librecad:librecad:*:*:*:*:*:*:*:* cpe:2.3:a:librecad:librecad:2.2.0:rc3:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : 8.8 |
CWE | CWE-120 |
25 Jan 2022, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-25 12:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-45341
Mitre link : CVE-2021-45341
CVE.ORG link : CVE-2021-45341
JSON object : View
Products Affected
debian
- debian_linux
librecad
- librecad
fedoraproject
- fedora
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')