Buffer overflow in Solidworks Product_data_management

CVE-2014-100014

Multiple stack-based buffer overflows in pdmwService.exe in SolidWorks Workgroup PDM 2014 SP2 allow remote attackers to execute arbitrary code via a long string in a (1) 2001, (2) 2002, or (3) 2003 opcode to port 3000.

Vulnerability class: Buffer Overflow

EPSS: 0.101 (93.2th percentile) — read the EPSS interpretation.

Affected products

Solidworks Product_data_management — versions 2014
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

31763 (Exploit, exploit, x_refsource_EXPLOIT-DB)
57037 (x_refsource_SECUNIA, third-party-advisory)
workgroup-pdmwservice-bo(91264) (vdb-entry, x_refsource_XF)