Out-of-bounds Read Vulnerability in Open Design Alliance ODA Viewer (2022.8) Allows Arbitrary Code Execution
CVE-2021-43276 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
An Out-of-bounds Read vulnerability exists in Open Design Alliance ODA Viewer before 2022.8. Crafted data in a DWF file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process
Learn more about our Web Application Penetration Testing UK.