CVE-2024-3298
Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the DWG and DXF file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024
Published
2024-04-04
Updated
-
Description
Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF. NOTE: this vulnerability was SPLIT from CVE-2024-1847.
Affected Products
eDrawings
Affected Versions
From Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024
Severity
High