CVE-2010-20114

VariCAD EN <= 2010-2.05 .dwb File Stack Buffer Overflow

Description

VariCAD EN up to and including version 2010-2.05 is vulnerable to a stack-based buffer overflow when parsing .dwb drawing files. The application fails to properly validate the length of input data embedded in the file, allowing a crafted .dwb file to overwrite critical memory structures. This flaw can be exploited locally by convincing a user to open a malicious file, resulting in arbitrary code execution.

INFO

Published Date :

2025-08-21T20:14:47.050Z

Last Modified :

2025-08-21T21:08:00.970Z

Source :

VulnCheck

AFFECTED PRODUCTS

The following products are affected by CVE-2010-20114 vulnerability.

Vendors	Products
Varicad	Varicad

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2010-20114.

URL	Resource
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/varicad_dwb.rb
https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=26522
https://www.exploit-db.com/exploits/11789
https://www.fortiguard.com/encyclopedia/ips/18735
https://www.seebug.org/vuldb/ssvid-71154
https://www.varicad.com/en/home/
https://www.vulncheck.com/advisories/varicad-en-dwb-file-stack-buffer-overflow

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability