First published: Sun Nov 14 2021(Updated: )
An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process invalid or malicious DWF files instead of stopping upon an exception. An attacker can leverage this vulnerability to execute code in the context of the current process.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Opendesign Oda Viewer | <2022.11 | |
Open Design Alliance (ODA) ODAViewer | ||
<2022.11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2021-43272.
The affected software is Open Design Alliance (ODA) ODAViewer.
Yes, user interaction is required to exploit this vulnerability by visiting a malicious page or opening a malicious file.
The severity of this vulnerability is critical.
To fix this vulnerability, it is recommended to apply the latest security updates provided by Open Design Alliance (ODA).