CVE-2018-18224

Sažetak

A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash.

Reference

http://www.securityfocus.com/bid/105603
https://www.opendesign.com/security-advisories
https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

CVSS

Base:	5.8
Impact:	4.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:P

Zadnje važnije ažuriranje

24-08-2020 - 17:37

Objavljeno

19-10-2018 - 22:29