CVE-2018-18224

Published: Oct 19, 2018Modified: Nov 21, 2024

8.1

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Exploitability: 2.8 / Impact: 5.2

Source: NVD

Description

A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash.

Affected (3)

Products: Opendesign: Drawings Sdk · Oracle: Outside In Technology

1 product

1 product

Outside In Technology

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Opendesign Drawings Sdk	Version 2019 update1

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Oracle Outside In Technology	Version 8.5.3
Oracle Outside In Technology	Version 8.5.4

Related CWEs

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

References (6)

http://www.securityfocus.com/bid/105603

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://www.opendesign.com/security-advisories

Source: cve@mitre.org

Vendor Advisory

https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/105603

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://www.opendesign.com/security-advisories

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.