Tuesday, September 7, 2021

Vulnerability Spotlight: Heap buffer overflow vulnerability in Ribbonsoft dxflib library



Lilith >_> of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. 

Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Ribbonsoft’s dxflib library that could lead to code execution. 

The dxflib library is a C++ library utilized by digital design software such as QCAD and KiCad to parse DXF files for reading and writing. 

TALOS-2021-1346 (CVE-2021-21897) is a vulnerability that arises if an attacker were to provide the user with a specially crafted .dxf file. The attacker could cause a heap buffer overflow, which could eventually allow them to execute remote code on the victim machine. 

Cisco Talos worked with Ribbonsoft to ensure that this issue is resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy

Users are encouraged to update these affected products as soon as possible: Ribbonsoft dxflib, version 3.17.0. Talos tested and confirmed these versions of the library could be exploited by this vulnerability. 

The following SNORTⓇ rules will detect exploitation attempts against this vulnerability: 57971 and 57972. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org. 

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.