A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.
References
Link | Resource |
---|---|
https://github.com/LibreCAD/LibreCAD/issues/1464 | Exploit Issue Tracking Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUMH3CWGVSMR2UIZEA35Q5UB7PDVVVYS/ | Mailing List Third Party Advisory |
https://www.debian.org/security/2022/dsa-5077 | Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCC2FZ6HZOIK3775K4MTCOUHX6PLGPEL/ | Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Information
Published : 2022-01-25 05:15
Updated : 2022-11-07 10:43
NVD link : CVE-2021-45342
Mitre link : CVE-2021-45342
JSON object : View
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Products Affected
debian
- debian_linux
librecad
- librecad
fedoraproject
- fedora