CVE-2021-43272

CRITICAL Year: 2021
CVSS v3 Score
9.8
Critical
CVSS v2 Score
7.5
High
Weakness Type
CWE-755
View all →

Vulnerability Description

An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process invalid or malicious DWF files instead of stopping upon an exception. An attacker can leverage this vulnerability to execute code in the context of the current process.

Related Vulnerabilities

CVE-2009-5043

CRITICAL
CVSS:9.8(Critical)

burn allows file names to escape via mishandled quotation marks

CWE-7552009

CVE-2017-2877

CRITICAL
CVSS:9.8(Critical)

A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attac...

CWE-7552017

CVE-2017-5638

CRITICAL
CVSS:9.8(Critical)

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows re...

CWE-7552017

CVE-2018-19991

CRITICAL
CVSS:9.8(Critical)

VeryNginx 0.3.3 allows remote attackers to bypass the Web Application Firewall feature because there is no error handler (for get_uri_args or get_post_args) to block the API misuse described in CVE-20...

CWE-7552018

CVE-2019-12815

CRITICAL
CVSS:9.8(Critical)

An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.

CWE-7552019

CVE-2019-14431

CRITICAL
CVSS:9.8(Critical)

In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseS...

CWE-7552019