CVE-2024-3298

CVSS V2 None CVSS V3 None

Description

Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF. NOTE: this vulnerability was SPLIT from CVE-2024-1847.

Overview

CVE ID
CVE-2024-3298

Assigner
3DS

Vulnerability Status
PUBLISHED

Published Version
2024-04-04T15:11:24.865Z

Last Modified Date
2024-04-04T15:11:24.865Z

Weakness Enumerations

CWE	URL
CWE-787	http://cwe.mitre.org/data/definitions/787.html
CWE-843	http://cwe.mitre.org/data/definitions/843.html

References

Reference URL	Reference Tags
https://www.3ds.com/vulnerability/advisories

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-3298
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3298

History

Created	Old Value	New Value	Data Type	Notes
2024-06-23 22:57:41				Added to TrackCVE