ID CVE-2019-9773
Summary An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension.
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:libredwg:0.7.1645:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libredwg:0.7.1645:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libredwg:0.7:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libredwg:0.7:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
    cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 25-05-2022 - 20:53)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 107447
misc
suse
  • openSUSE-SU-2020:0068
  • openSUSE-SU-2020:0095
Last major update 25-05-2022 - 20:53
Published 14-03-2019 - 09:29
Last modified 25-05-2022 - 20:53
Back to Top