A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 May 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2022, 18:43
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CPE | cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
28 Feb 2022, 15:31
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
|
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5077 - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUMH3CWGVSMR2UIZEA35Q5UB7PDVVVYS/ - Mailing List, Third Party Advisory |
16 Feb 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Feb 2022, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Jan 2022, 16:37
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-120 | |
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
References | (MISC) https://github.com/LibreCAD/LibreCAD/issues/1464 - Exploit, Issue Tracking, Third Party Advisory | |
CPE | cpe:2.3:a:librecad:librecad:2.2.0:rc1:*:*:*:*:*:* cpe:2.3:a:librecad:librecad:2.2.0:rc2:*:*:*:*:*:* cpe:2.3:a:librecad:librecad:2.2.0:rc3:*:*:*:*:*:* cpe:2.3:a:librecad:librecad:*:*:*:*:*:*:*:* cpe:2.3:a:librecad:librecad:2.2.0:alpha:*:*:*:*:*:* |
25 Jan 2022, 13:28
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-25 13:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-45342
Mitre link : CVE-2021-45342
CVE.ORG link : CVE-2021-45342
JSON object : View
Products Affected
debian
- debian_linux
librecad
- librecad
fedoraproject
- fedora
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')