Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024.
These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, DWG, DXF, IPT, JT, SAT, SLDDRW, SLDPRT, STL, STP, X_B or X_T file.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.3ds.com/vulnerability/advisories |
History
Mon, 02 Sep 2024 08:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-122 CWE-457 |
MITRE
Status: PUBLISHED
Assigner: 3DS
Published: 2024-03-22T10:58:51.824Z
Updated: 2024-09-02T08:10:55.832Z
Reserved: 2024-02-23T16:39:37.098Z
Link: CVE-2024-1848
Vulnrichment
Updated: 2024-08-01T18:56:22.220Z
NVD
Status : Awaiting Analysis
Published: 2024-03-22T11:15:46.633
Modified: 2024-11-21T08:51:26.970
Link: CVE-2024-1848
Redhat
No data.