This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.
Category Archives: Advisories
ZDI-24-268: Dassault Systèmes eDrawings IPT File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.
ZDI-24-267: Dassault Systèmes eDrawings SLDDRW File Parsing Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.
ZDI-24-266: Dassault Systèmes eDrawings IPT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.
ZDI-24-265: Dassault Systèmes eDrawings SAT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.
freeimage-3.19.0-0.23.svn1909.fc40 mingw-freeimage-3.19.0-0.20.svn1909.fc40
FEDORA-2024-c4d32d51c9
Packages in this update:
freeimage-3.19.0-0.23.svn1909.fc40
mingw-freeimage-3.19.0-0.20.svn1909.fc40
Update description:
Add downstream fixes for CVE-2023-47995 and CVE-2023-47997.
freeimage-3.19.0-0.23.svn1909.fc38 mingw-freeimage-3.19.0-0.20.svn1909.fc38
FEDORA-2024-e6a35cd250
Packages in this update:
freeimage-3.19.0-0.23.svn1909.fc38
mingw-freeimage-3.19.0-0.20.svn1909.fc38
Update description:
Add downstream fixes for CVE-2023-47995 and CVE-2023-47997.
freeimage-3.19.0-0.23.svn1909.fc39 mingw-freeimage-3.19.0-0.20.svn1909.fc39
FEDORA-2024-c0b61ab46b
Packages in this update:
freeimage-3.19.0-0.23.svn1909.fc39
mingw-freeimage-3.19.0-0.20.svn1909.fc39
Update description:
Add downstream fixes for CVE-2023-47995 and CVE-2023-47997.
chromium-122.0.6261.111-1.el7
FEDORA-EPEL-2024-a461023d55
Packages in this update:
chromium-122.0.6261.111-1.el7
Update description:
Upstream security release 122.0.6261.111
* High CVE-2024-2173: Out of bounds memory access in V8
* High CVE-2024-2174: Inappropriate implementation in V8
* High CVE-2024-2176: Use after free in FedCM
chromium-122.0.6261.111-1.el9
FEDORA-EPEL-2024-c8094838a7
Packages in this update:
chromium-122.0.6261.111-1.el9
Update description:
Upstream security release 122.0.6261.111
* High CVE-2024-2173: Out of bounds memory access in V8
* High CVE-2024-2174: Inappropriate implementation in V8
* High CVE-2024-2176: Use after free in FedCM