Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF file.
References
Link | Resource |
---|---|
https://www.3ds.com/vulnerability/advisories | Vendor Advisory |
Configurations
History
20 Jul 2023, 01:56
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CPE | cpe:2.3:a:3ds:3dexperience_solidworks:*:*:*:*:*:*:*:* | |
First Time |
3ds 3dexperience Solidworks
3ds |
|
CWE | CWE-416 CWE-787 |
|
References | (MISC) https://www.3ds.com/vulnerability/advisories - Vendor Advisory |
12 Jul 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-12 08:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-2763
Mitre link : CVE-2023-2763
CVE.ORG link : CVE-2023-2763
JSON object : View
Products Affected
3ds
- 3dexperience_solidworks