CVE-2021-43272

Published: Nov 14, 2021Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process invalid or malicious DWF files instead of stopping upon an exception. An attacker can leverage this vulnerability to execute code in the context of the current process.

Affected (1)

Products: Opendesign: Oda Viewer

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Opendesign Oda Viewer	Before 2022.11

Related CWEs

Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

References (8)

https://www.opendesign.com/security-advisories

Source: cve@mitre.org

Vendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-1358/

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://www.zerodayinitiative.com/advisories/ZDI-21-1360/

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://www.zerodayinitiative.com/advisories/ZDI-21-1363/

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://www.opendesign.com/security-advisories

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-1358/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://www.zerodayinitiative.com/advisories/ZDI-21-1360/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://www.zerodayinitiative.com/advisories/ZDI-21-1363/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.