First published: Wed Dec 04 2024(Updated: )
Out-of-bounds Write vulnerability was discovered in Open Design Alliance Drawings SDK before 2025.10. Reading crafted DWF file and missing proper checks on received SectionIterator data can trigger an unhandled exception. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.
Credit: 8a9629cb-c5e7-4d2a-a894-111e8039b7ea
Affected Software | Affected Version | How to fix |
---|---|---|
Open Design Alliance Drawings SDK | <2025.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-8894 has been categorized with a high severity rating due to its potential to cause application crashes and facilitate further exploitation.
To mitigate CVE-2024-8894, upgrade to Open Design Alliance Drawings SDK version 2025.10 or later, where the vulnerability is addressed.
CVE-2024-8894 can lead to application crashes and may enable attackers to execute arbitrary code under certain conditions.
CVE-2024-8894 affects Open Design Alliance Drawings SDK versions prior to 2025.10.
By exploiting CVE-2024-8894, an attacker can trigger unhandled exceptions that may crash the application, potentially leading to denial-of-service attacks.