Security Advisory

CVE-2023-22669

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-15 00:00:00

Last updated 2025-05-05 16:05:58

Assigner mitre

State PUBLISHED

Description

Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.

← Browse all CVEs View on cve.org ↗