
GstarCAD's Prevention of Exploit in DWG Files

August 29, 2013

On August 27, 2013, upFront.eZine published a press report about an exploit in .dwg files. Earlier this year two security researchers in Argentina found an exploit in DWG version AC1021 files, the format used by AutoCAD 2007 and later, as well as by TrueView and by Autodesk software based on AutoCAD. The exploit is severe enough (rated "Medium") to be listed in the US government's National Vulnerability Database (see http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3665).

Security research firm Binamuse reported the problem to Autodesk on March 27, after which Autodesk quietly released a hotfix on July 10. Oddly, the patch is for AutoCAD 2011-2014 only, not for the truly affected releases, AutoCAD 2007-2010. (The more recent releases are affected only in that they can read DWG 2007-10 files.)

Felipe Manzano, who found the exploit, pointed out: "AutoCAD is vulnerable to an arbitrary pointer dereference vulnerability, which can be exploited by malicious remote attackers to compromise a user's system. This issue is due to AutoCAD's failure to properly bounds-check data in a DWG file before using it to index and copy heap memory values. This can be exploited to execute arbitrary code by opening a specially crafted DWG file."
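The defect class described in that quote, a file-supplied index used to read a heap table without first being checked against the table's size, is generic to any binary-format parser. The following is an added illustration written for this article, not code from AutoCAD, Autodesk, the ODA or GstarCAD, and the record layout it parses is invented for the example and is not the DWG format. It shows the bounds checks a hardened parser performs before trusting a count or an index read from the file: the count is checked against the bytes actually present (so a huge count cannot drive reads past the buffer), and the index is checked against the count before it selects an entry.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical record layout, constructed for this example (NOT the DWG format):
 *   u32 count           number of 4-byte entries in the table
 *   u32 entry[count]    the table
 *   u32 index           which entry this record refers to
 * All integers are little-endian. The bug class in the advisory is using
 * 'index' (or 'count') to address memory before checking it against the
 * real table size / buffer length. */

static uint32_t rd_u32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Hardened parser: returns 0 and stores the selected entry in *out on success,
 * or -1 if the record is truncated or its count/index lie outside the data. */
int parse_record_checked(const uint8_t *buf, size_t len, uint32_t *out) {
    if (len < 8)                       /* need at least count + index fields */
        return -1;
    uint32_t count = rd_u32(buf);
    size_t remaining = len - 8;        /* bytes available for the table itself */
    /* Compare count against the bytes present. Dividing 'remaining' instead of
     * multiplying 'count' avoids a 32-bit overflow in count * 4. */
    if (count > remaining / 4)
        return -1;
    size_t index_off = 4 + (size_t)count * 4;   /* cannot exceed len - 4 now */
    uint32_t index = rd_u32(buf + index_off);
    /* The check the advisory says was missing: index must be < count before
     * it is used to address the table. */
    if (index >= count)
        return -1;
    *out = rd_u32(buf + 4 + (size_t)index * 4);
    return 0;
}

/* Constructed sample inputs. */
static const uint8_t GOOD_RECORD[] = {
    3, 0, 0, 0,                 /* count = 3 */
    0x11, 0, 0, 0,              /* entry[0] */
    0x22, 0, 0, 0,              /* entry[1] */
    0x33, 0, 0, 0,              /* entry[2] */
    1, 0, 0, 0                  /* index = 1 -> selects 0x22 */
};
static const uint8_t BAD_INDEX_RECORD[] = {
    3, 0, 0, 0,
    0x11, 0, 0, 0, 0x22, 0, 0, 0, 0x33, 0, 0, 0,
    0xff, 0xff, 0xff, 0xff      /* index far beyond the 3-entry table */
};
static const uint8_t BAD_COUNT_RECORD[] = {
    0xff, 0xff, 0xff, 0xff,     /* count claims ~1 billion entries */
    1, 0, 0, 0                  /* but only 8 bytes exist */
};

int main(void) {
    uint32_t v;
    printf("good:      %d (value 0x%x)\n", parse_record_checked(GOOD_RECORD, sizeof GOOD_RECORD, &v), v);
    printf("bad index: %d\n", parse_record_checked(BAD_INDEX_RECORD, sizeof BAD_INDEX_RECORD, &v));
    printf("bad count: %d\n", parse_record_checked(BAD_COUNT_RECORD, sizeof BAD_COUNT_RECORD, &v));
    return 0;
}
```

The two malformed records exercise the two checks separately: one carries a plausible count with an out-of-range index, the other an absurd count with a valid-looking index. A parser that applied only one of the checks would still read outside the table on the other input, which is why both the count-versus-length and index-versus-count comparisons are needed before any copy from the table.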

Neil Peterson, chief technical officer of the Open Design Alliance, explained: "Loading one of these specially-crafted .dwg files cannot result in the execution of arbitrary/malicious code in an ODA Teigha-based application. A source-code fix for the heap corruption issue is already available to ODA founding members, and the fix will be included in the 3.9.1 release of Teigha scheduled for December 2013."

As an ODA member, GstarCAD is an ODA Teigha-based application, which means this exploit will never pose a threat to GstarCAD users.