CVE-2024-1847 Information

Description

Heap-based Buffer Overflow Memory Corruption Out-Of-Bounds Read Out-Of-Bounds Write Stack-based Buffer Overflow Type Confusion Uninitialized Variable Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART DWG DXF IPT JT SAT SLDDRW SLDPRT STL STP X_B or X_T file.

Reference

https://www.3ds.com/vulnerability/advisories