This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.
Category Archives: Advisories
ZDI-24-265: Dassault Systèmes eDrawings SAT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.
freeimage-3.19.0-0.23.svn1909.fc40 mingw-freeimage-3.19.0-0.20.svn1909.fc40
FEDORA-2024-c4d32d51c9
Packages in this update:
freeimage-3.19.0-0.23.svn1909.fc40
mingw-freeimage-3.19.0-0.20.svn1909.fc40
Update description:
Add downstream fixes for CVE-2023-47995 and CVE-2023-47997.
freeimage-3.19.0-0.23.svn1909.fc38 mingw-freeimage-3.19.0-0.20.svn1909.fc38
FEDORA-2024-e6a35cd250
Packages in this update:
freeimage-3.19.0-0.23.svn1909.fc38
mingw-freeimage-3.19.0-0.20.svn1909.fc38
Update description:
Add downstream fixes for CVE-2023-47995 and CVE-2023-47997.
freeimage-3.19.0-0.23.svn1909.fc39 mingw-freeimage-3.19.0-0.20.svn1909.fc39
FEDORA-2024-c0b61ab46b
Packages in this update:
freeimage-3.19.0-0.23.svn1909.fc39
mingw-freeimage-3.19.0-0.20.svn1909.fc39
Update description:
Add downstream fixes for CVE-2023-47995 and CVE-2023-47997.
chromium-122.0.6261.111-1.el7
FEDORA-EPEL-2024-a461023d55
Packages in this update:
chromium-122.0.6261.111-1.el7
Update description:
Upstream security release 122.0.6261.111
* High CVE-2024-2173: Out of bounds memory access in V8
* High CVE-2024-2174: Inappropriate implementation in V8
* High CVE-2024-2176: Use after free in FedCM
chromium-122.0.6261.111-1.el9
FEDORA-EPEL-2024-c8094838a7
Packages in this update:
chromium-122.0.6261.111-1.el9
Update description:
Upstream security release 122.0.6261.111
* High CVE-2024-2173: Out of bounds memory access in V8
* High CVE-2024-2174: Inappropriate implementation in V8
* High CVE-2024-2176: Use after free in FedCM
chromium-122.0.6261.111-1.el8
FEDORA-EPEL-2024-0128b1edbe
Packages in this update:
chromium-122.0.6261.111-1.el8
Update description:
Upstream security release 122.0.6261.111
* High CVE-2024-2173: Out of bounds memory access in V8
* High CVE-2024-2174: Inappropriate implementation in V8
* High CVE-2024-2176: Use after free in FedCM
mingw-expat-2.6.1-1.fc40
FEDORA-2024-afb73e6f62
Packages in this update:
mingw-expat-2.6.1-1.fc40
Update description:
Update to 2.6.1, backport fix for CVE-2024-28757.
mingw-expat-2.6.1-1.fc38
FEDORA-2024-40b98c9ced
Packages in this update:
mingw-expat-2.6.1-1.fc38
Update description:
Update to 2.6.1, backport fix for CVE-2024-28757.