An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9773
Reference (s):
- BID:107447
- URL: http://www.securityfocus.com/bid/107447
- https://github.com/LibreDWG/libredwg/issues/99
- https://savannah.gnu.org/bugs/index.php?55893
- SUSE:openSUSE-SU-2020:0068