CVE-2019-20913

Sažetak

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.

Reference

https://github.com/LibreDWG/libredwg/commit/3f503dd294efc63a59608d8a16058c41d44ba13a
https://github.com/LibreDWG/libredwg/issues/178

CVSS

Base:	5.8
Impact:	4.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:P

Zadnje važnije ažuriranje

22-07-2020 - 18:18

Objavljeno

16-07-2020 - 18:15