CVE-2022-35903

LOW Year: 2022
CVSS v3 Score
3.3
Low
Weakness Type
CWE-125
View all →

Vulnerability Description

An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of 3DS files could enable an attacker to read information in the context of the current process.

Related Vulnerabilities

CVE-2016-2091

LOW
CVSS:3.3(Low)

The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of service (out-of-bounds read) via a crafted ELF object file.

CWE-1252016

CVE-2016-8334

LOW
CVSS:3.3(Low)

A large out-of-bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory l...

CWE-1252016

CVE-2017-2806

LOW
CVSS:3.3(Low)

An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a arbitrary read resulting in memory di...

CWE-1252017

CVE-2017-3021

LOW
CVSS:3.3(Low)

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser engine.

CWE-1252017

CVE-2017-3022

LOW
CVSS:3.3(Low)

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when parsing the header of a JPEG 2000 file.

CWE-1252017

CVE-2017-3031

LOW
CVSS:3.3(Low)

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the XSLT engine.

CWE-1252017