Medium
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to achieve code execution.
The affected product is vulnerable to an out-of-bounds write, which can result in data corruption, a system crash, or code execution.
The affected product is vulnerable to an untrusted pointer dereference, which may allow an attacker to execute arbitrary code and cause the application to crash.
The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to read sensitive information from other memory locations or cause a crash.
The affected product is vulnerable to access of uninitialized pointer, which may allow an attacker read from or write to unexpected memory locations, leading to a denial-of-service.
Parsing a specially crafted project file may cause a heap-based buffer overflow, which may allow an attacker to execute arbitrary code.
Refer to CERT-Advisory for patch, upgrade, or suggested workaround information.