Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2 vulnerabilities found for AutoCAD by Autodesk, Inc.

    JVNDB-2014-000020

    Vulnerability from jvndb - Published: 2014-02-21 14:19 - Updated:2014-02-25 16:38
    Severity
    N/A (UNKNOWN) - -
    Summary
    AutoCAD may insecurely load dynamic libraries
    Details
    AutoCAD provided by Autodesk, Inc. is an application for comuputer-aided design (CAD). AutoCAD contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. kaito834 reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    References
    Impacted products
    Show details on JVN DB website
    To clipboard 

    {
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000020.html",
  "dc:date": "2014-02-25T16:38+09:00",
  "dcterms:issued": "2014-02-21T14:19+09:00",
  "dcterms:modified": "2014-02-25T16:38+09:00",
  "description": "AutoCAD provided by Autodesk, Inc. is an application for comuputer-aided design (CAD). AutoCAD contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries.\r\n\r\nkaito834 reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000020.html",
  "sec:cpe": {
    "#text": "cpe:/a:autodesk:autocad",
    "@product": "AutoCAD",
    "@vendor": "Autodesk, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "6.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2014-000020",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN43254599/index.html",
      "@id": "JVN#43254599",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0819",
      "@id": "CVE-2014-0819",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0819",
      "@id": "CVE-2014-0819",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "AutoCAD may insecurely load dynamic libraries"
}

    JVNDB-2014-000019

    Vulnerability from jvndb - Published: 2014-02-21 14:16 - Updated:2014-02-25 16:39
    Severity
    N/A (UNKNOWN) - -
    Summary
    AutoCAD vulnerable to arbitrary VBScript execution
    Details
    AutoCAD provided by Autodesk, Inc. is an application for comuputer-aided design (CAD). AutoCAD loads specific FAS files when opening files. AutoCAD contains an issue with the FAS file search path, which may lead to arbitrary VBScript code execution. kaito834 reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    References
    Impacted products
    Show details on JVN DB website
    To clipboard 

    {
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000019.html",
  "dc:date": "2014-02-25T16:39+09:00",
  "dcterms:issued": "2014-02-21T14:16+09:00",
  "dcterms:modified": "2014-02-25T16:39+09:00",
  "description": "AutoCAD provided by Autodesk, Inc. is an application for comuputer-aided design (CAD). AutoCAD loads specific FAS files when opening files. AutoCAD contains an issue with the FAS file search path, which may lead to arbitrary VBScript code execution.\r\n\r\nkaito834 reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000019.html",
  "sec:cpe": {
    "#text": "cpe:/a:autodesk:autocad",
    "@product": "AutoCAD",
    "@vendor": "Autodesk, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "6.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2014-000019",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN33382534/index.html",
      "@id": "JVN#33382534",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0818",
      "@id": "CVE-2014-0818",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0818",
      "@id": "CVE-2014-0818",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "AutoCAD vulnerable to arbitrary VBScript execution"
}