DXFScope 0.2 - Remote Client-Side Buffer Overflow

EDB-ID:

24995

CVE:

N/A




Platform:

Multiple

Date:

2004-12-16


source: https://www.securityfocus.com/bid/11986/info

A remote, client-side buffer overflow vulnerability reportedly affects the DXFscope utility. This issue is due to a failure of the application to properly sanitize user-supplied input prior to using it as the format specifier string in a formatted printing function.

An attacker may leverage this issue to execute arbitrary code with the privileges on an unsuspecting user that uses the vulnerable application to process a malicious DXF formatted file. This may facilitate unauthorized access or privilege escalation. 

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/24995.dxf