CVE-2018-18224

HIGH

Open Design Alliance Drawings SDK 2019Update1 - Out-of-bounds Read in File Reading Procedure

Title source: llm
STIX 2.1

Description

A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/105603
Vendor Advisory x_refsource_confirm
https://www.opendesign.com/security-advisories

Scores

CVSS v3 8.1
EPSS 0.0216
EPSS Percentile 80.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Details

CWE
CWE-125
Status published
Products (3)
opendesign/drawings_sdk 2019 update1
oracle/outside_in_technology 8.5.3
oracle/outside_in_technology 8.5.4
Published Oct 19, 2018
Tracked Since Feb 18, 2026