Vulnerabilities > CVE-2019-9770 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
gnu
opensuse
CWE-787
nessus

Summary

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension.

Vulnerable Configurations

Part Description Count
Application
Gnu
2
Application
Opensuse
1
OS
Opensuse
1

Common Weakness Enumeration (CWE)

Nessus

NASL familySuSE Local Security Checks
NASL idOPENSUSE-2020-68.NASL
descriptionThis update for libredwg fixes the following issues : libredwg was updated to release 0.9.3 : - Added the -x,--extnames option to dwglayers for r13-r14 DWGs. - Fixed some leaks: SORTENTSTABLE, PROXY_ENTITY.ownerhandle for r13. - Add DICTIONARY.itemhandles[] for r13 and r14. - Fixed some dwglayers NULL pointer derefs, and flush its output for each layer. - Added several overflow checks from fuzzing [CVE-2019-20010, boo#1159825], [CVE-2019-20011, boo#1159826], [CVE-2019-20012, boo#1159827], [CVE-2019-20013, boo#1159828], [CVE-2019-20014, boo#1159831], [CVE-2019-20015, boo#1159832] - Disallow illegal SPLINE scenarios [CVE-2019-20009, boo#1159824] Update to release 0.9.1 : - Fixed more NULL pointer dereferences, overflows, hangs and memory leaks for fuzzed (i.e. illegal) DWGs. Update to release 0.9 [boo#1154080] : - Added the DXF importer, using the new dynapi and the r2000 encoder. Only for r2000 DXFs. - Added utf8text conversion functions to the dynapi. - Added 3DSOLID encoder. - Added APIs to find handles for names, searching in tables and dicts. - API breaking changes - see NEWS file in package. - Fixed NULL pointer dereferences, and memory leaks (except DXF importer) [boo#1129868, CVE-2019-9779] [boo#1129869, CVE-2019-9778] [boo#1129870, CVE-2019-9777] [boo#1129873, CVE-2019-9776] [boo#1129874, CVE-2019-9773] [boo#1129875, CVE-2019-9772] [boo#1129876, CVE-2019-9771] [boo#1129878, CVE-2019-9775] [boo#1129879, CVE-2019-9774] [boo#1129881, CVE-2019-9770] Update to 0.8 : - add a new dynamic API, read and write all header and object fields by name - API breaking changes - Fix many errors in DXF output - Fix JSON output - Many more bug fixes to handle specific object types
last seen2020-06-01
modified2020-06-02
plugin id133130
published2020-01-21
reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/133130
titleopenSUSE Security Update : libredwg (openSUSE-2020-68)