CVE-2023-2762

A Use-After-Free vulnerability in SLDPRT file reading procedure exists in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted SLDPRT file.
References
Link Resource
https://www.3ds.com/vulnerability/advisories Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:3ds:3dexperience_solidworks:*:*:*:*:*:*:*:*

History

20 Jul 2023, 01:49

Type Values Removed Values Added
CWE CWE-416
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
References (MISC) https://www.3ds.com/vulnerability/advisories - (MISC) https://www.3ds.com/vulnerability/advisories - Vendor Advisory
CPE cpe:2.3:a:3ds:3dexperience_solidworks:*:*:*:*:*:*:*:*

12 Jul 2023, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-07-12 08:15

Updated : 2024-02-04 23:37


NVD link : CVE-2023-2762

Mitre link : CVE-2023-2762

CVE.ORG link : CVE-2023-2762


JSON object : View

Products Affected

3ds

  • 3dexperience_solidworks
CWE
CWE-416

Use After Free