Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF file.
References
Link | Resource |
---|---|
https://www.3ds.com/vulnerability/advisories | Vendor Advisory |
Configurations
History
02 Sep 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-122 |
20 Jul 2023, 01:56
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 CWE-416 |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | (MISC) https://www.3ds.com/vulnerability/advisories - Vendor Advisory | |
CPE | cpe:2.3:a:3ds:3dexperience_solidworks:*:*:*:*:*:*:*:* |
12 Jul 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-12 08:15
Updated : 2024-09-02 09:15
NVD link : CVE-2023-2763
Mitre link : CVE-2023-2763
CVE.ORG link : CVE-2023-2763
JSON object : View
Products Affected
3ds
- 3dexperience_solidworks