All the vulnerabilites related to autodesk - autocad_p\&id
Vulnerability from fkie_nvd
Published
2019-04-09 20:30
Modified
2024-11-21 04:48
Severity ?
Summary
An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | advance_steel | 2018 | |
| autodesk | autocad | 2018 | |
| autodesk | autocad_architecture | 2018 | |
| autodesk | autocad_electrical | 2018 | |
| autodesk | autocad_lt | 2018 | |
| autodesk | autocad_map_3d | 2018 | |
| autodesk | autocad_mechanical | 2018 | |
| autodesk | autocad_mep | 2018 | |
| autodesk | autocad_p\&id | 2018 | |
| autodesk | autocad_plant_3d | 2018 | |
| autodesk | civil_3d | 2018 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "461B3C59-740C-4530-80DA-23DD38A0EEB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2610D4-81E7-4B85-9147-C3F24895EDB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "ECDE64CF-3527-4C9A-9672-E2FA3BCC8B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2B0DF8-8827-4CF2-94F1-D2871FA5095F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "85BF0890-5AE7-46BA-8FD4-667B20081A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C4F749-A0C3-4C25-B5FC-CE3E49AFF8F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "E34DF2FB-6A4F-4060-9DE4-EE635D9056E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "BA943872-F736-4EC2-8328-9AABCAE08154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_p\\\u0026id:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "B80C406D-9E82-4B2B-8065-FEB797DE65B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "68F6B255-EE77-48BA-AEEE-9395C85BF274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "2692C0E3-9A82-42BA-A80D-8A0D72FD3164",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad explotable de desbordamiento de pila en la funcionalidad DXF-parsing en Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P \u0026 ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018 y Autodesk Civil 3D 2018. Un archivo DXF especialmente creado puede generar un desbordamiento de pila, lo que resulta en la ejecuci\u00f3n de c\u00f3digo malicioso."
}
],
"id": "CVE-2019-7358",
"lastModified": "2024-11-21T04:48:05.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-09T20:30:21.227",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-09 20:30
Modified
2024-11-21 04:48
Severity ?
Summary
An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | advance_steel | 2018 | |
| autodesk | autocad | 2018 | |
| autodesk | autocad_architecture | 2018 | |
| autodesk | autocad_electrical | 2018 | |
| autodesk | autocad_lt | 2018 | |
| autodesk | autocad_map_3d | 2018 | |
| autodesk | autocad_mechanical | 2018 | |
| autodesk | autocad_mep | 2018 | |
| autodesk | autocad_p\&id | 2018 | |
| autodesk | autocad_plant_3d | 2018 | |
| autodesk | civil_3d | 2018 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "461B3C59-740C-4530-80DA-23DD38A0EEB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2610D4-81E7-4B85-9147-C3F24895EDB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "ECDE64CF-3527-4C9A-9672-E2FA3BCC8B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2B0DF8-8827-4CF2-94F1-D2871FA5095F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "85BF0890-5AE7-46BA-8FD4-667B20081A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C4F749-A0C3-4C25-B5FC-CE3E49AFF8F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "E34DF2FB-6A4F-4060-9DE4-EE635D9056E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "BA943872-F736-4EC2-8328-9AABCAE08154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_p\\\u0026id:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "B80C406D-9E82-4B2B-8065-FEB797DE65B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "68F6B255-EE77-48BA-AEEE-9395C85BF274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "2692C0E3-9A82-42BA-A80D-8A0D72FD3164",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018."
},
{
"lang": "es",
"value": "Un atacante puede convencer a una v\u00edctima para abrir un archivo micro de acci\u00f3n maliciosa (.actm) que tiene datos serializados, lo que puede desencadenar una ejecuci\u00f3n de c\u00f3digo en Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P \u0026 ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018 y Autodesk Civil 3D 2018."
}
],
"id": "CVE-2019-7361",
"lastModified": "2024-11-21T04:48:05.923",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-09T20:30:21.383",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-18 16:51
Modified
2024-11-21 01:54
Severity ?
Summary
Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "299073C8-9B1C-48A2-B7A7-A672D53D8E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "8F6F81AA-1474-4664-AFAC-914D04174B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC4C57B-6510-48D7-AA83-5BF670FB340C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "6EFF828F-D91B-4AA2-96A6-F442E5DD6B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "70606792-1DA8-48F8-BF4E-E22494C2C0E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "75BC59AA-49CC-4000-837A-CAB0BA17EBC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "88EB99BC-A02A-41E9-B99E-DADA8B9DF70C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "7A42C696-594B-4470-8738-003372E49758",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E80FC4DC-7608-4DE5-AC73-3EACC38D54C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "7D7415E6-B6D9-419A-AC7D-4B9C8ADDE800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "387EBC87-285A-494F-81CD-0EC32A65779B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "31EED576-8E6A-4216-881A-28B901B33E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_ecscad:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A73D6-7D9A-4CF4-BD78-A3C7849C9D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_ecscad:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "57ED2EB5-9D6A-4766-BA6B-B661D47948AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_ecscad:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "CA975CD4-6B57-47EA-B7F6-6473E23BE5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_ecscad:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "4C094A2B-94DD-4E4B-AF4D-D343086A7BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "CC9E0544-AC75-4790-8B27-49E469D2E8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "06B39065-D23C-49E3-8A49-8AD669047E89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE5CA67-A0BB-4A83-8EB4-793B88F8773C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEF6B5F-1967-405E-83EE-16E49DFC2A2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "83BD3C4D-18CD-4510-A4E0-3BA3978C9324",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1B8B8E-4577-444B-A449-5CFD261E2B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "4BCE0736-8DB6-45B5-9DA0-B724C3F13CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "1E601FF0-AB4E-4281-BAF5-77595962B0ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "72DACBD7-30D5-4D90-8F68-3E8E48598B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "6257466C-D2C0-45A8-B2BB-65A352B390BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "503CDD12-1BFA-4FF5-A19B-A0DDB16F58A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2D1F1B-0670-4C56-8EE1-9BCC84483DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B7BE04-5F32-4584-AAC9-A6D40ED9FA20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DF774-3F24-4EE6-926B-167FB9E8F973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "282D0528-E9A8-401A-80BF-FDC076C7EC8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "C0890618-9163-4CF7-9A5F-FA044FFB780A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "700B0FC1-FE07-4DD3-89D2-3BC156948C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "32E03919-B213-46FC-BEF5-B6A05203098E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "E8178476-142C-4503-9B37-75E27ED909E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "722E7B6C-C1E3-474E-820F-394691AFA799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_p\\\u0026id:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AB10C8-007A-417B-89F3-3AC8F9A543E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_p\\\u0026id:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "071D0A78-D070-47ED-99CE-F536C3E94C02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_p\\\u0026id:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "661115C8-4B58-44AA-B374-56E92D505BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_p\\\u0026id:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "3638B0E3-180B-49FF-8B01-9BBC9882FB7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "0F977CE9-267E-454D-9A58-7B3AC6A1CC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FA912A-19A1-4892-BD2B-F5ACD17B9019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "4F0E8775-002E-48E5-A7B8-BFB6161B3095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "59C61055-C1CA-4653-9E23-1AA31F8D2872",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_structural_detailing:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EFC1FC-71DA-43BD-8187-A855164719C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_structural_detailing:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "30E12B55-53FE-4819-9EF7-A820B35B945C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_structural_detailing:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "F264CE51-6F98-4586-99DC-5CD9EF6948A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_structural_detailing:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC1EAE5-8ECA-4D35-8B6D-7B2D79A8F2FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_utility_design:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "068A4983-1C82-4CBF-8A4C-156FDC028BDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_utility_design:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "FEC4ED58-11AA-4F46-97A8-2892CC800926",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_utility_design:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "97598383-B402-468D-BB10-6FD68C1BADE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_utility_design:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "B962A538-F7E0-4925-9FC8-5FD47114482D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C5245F-E7C5-44F6-A3E2-829D6F2DB107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "31561D54-346B-41B3-AA13-15CBA2DD217E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "E032C3A9-2B09-4826-B393-8C67AAA4B55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "1B4556F7-A209-4419-84D2-40DEC588623B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Autodesk AutoCAD hasta 2014, AutoCAD LT hasta 2014 y DWG TrueView hasta 2014, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo DWG dise\u00f1ado."
}
],
"id": "CVE-2013-3665",
"lastModified": "2024-11-21T01:54:05.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-07-18T16:51:38.953",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://images.autodesk.com/adsk/files/Autodesk_AutoCAD_Code_Execution_Vulnerability_Hotfix_Readme.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?id=21972896\u0026linkID=9240618\u0026siteID=123112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://images.autodesk.com/adsk/files/Autodesk_AutoCAD_Code_Execution_Vulnerability_Hotfix_Readme.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?id=21972896\u0026linkID=9240618\u0026siteID=123112"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-09 20:30
Modified
2024-11-21 04:48
Severity ?
Summary
An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | advance_steel | 2018 | |
| autodesk | autocad | 2018 | |
| autodesk | autocad_architecture | 2018 | |
| autodesk | autocad_electrical | 2018 | |
| autodesk | autocad_lt | 2018 | |
| autodesk | autocad_map_3d | 2018 | |
| autodesk | autocad_mechanical | 2018 | |
| autodesk | autocad_mep | 2018 | |
| autodesk | autocad_p\&id | 2018 | |
| autodesk | autocad_plant_3d | 2018 | |
| autodesk | civil_3d | 2018 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "461B3C59-740C-4530-80DA-23DD38A0EEB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2610D4-81E7-4B85-9147-C3F24895EDB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "ECDE64CF-3527-4C9A-9672-E2FA3BCC8B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2B0DF8-8827-4CF2-94F1-D2871FA5095F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "85BF0890-5AE7-46BA-8FD4-667B20081A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C4F749-A0C3-4C25-B5FC-CE3E49AFF8F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "E34DF2FB-6A4F-4060-9DE4-EE635D9056E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "BA943872-F736-4EC2-8328-9AABCAE08154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_p\\\u0026id:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "B80C406D-9E82-4B2B-8065-FEB797DE65B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "68F6B255-EE77-48BA-AEEE-9395C85BF274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "2692C0E3-9A82-42BA-A80D-8A0D72FD3164",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution."
},
{
"lang": "es",
"value": "Una vulnerabilidad explotable de uso de memoria previamente liberada (use-after-free) de la funcionalidad de an\u00e1lisis DXF en Parodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018 Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018 y Autodesk Civil 3D 2018. Un archivo DXF especialmente creado puede desencadenar un use-after-free, lo que conlleva a la ejecuci\u00f3n del c\u00f3digo."
}
],
"id": "CVE-2019-7360",
"lastModified": "2024-11-21T04:48:05.783",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-09T20:30:21.337",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-09 20:30
Modified
2024-11-21 04:48
Severity ?
Summary
An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | advance_steel | 2018 | |
| autodesk | autocad | 2018 | |
| autodesk | autocad_architecture | 2018 | |
| autodesk | autocad_electrical | 2018 | |
| autodesk | autocad_lt | 2018 | |
| autodesk | autocad_map_3d | 2018 | |
| autodesk | autocad_mechanical | 2018 | |
| autodesk | autocad_mep | 2018 | |
| autodesk | autocad_p\&id | 2018 | |
| autodesk | autocad_plant_3d | 2018 | |
| autodesk | civil_3d | 2018 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "461B3C59-740C-4530-80DA-23DD38A0EEB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2610D4-81E7-4B85-9147-C3F24895EDB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "ECDE64CF-3527-4C9A-9672-E2FA3BCC8B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2B0DF8-8827-4CF2-94F1-D2871FA5095F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "85BF0890-5AE7-46BA-8FD4-667B20081A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C4F749-A0C3-4C25-B5FC-CE3E49AFF8F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "E34DF2FB-6A4F-4060-9DE4-EE635D9056E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "BA943872-F736-4EC2-8328-9AABCAE08154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_p\\\u0026id:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "B80C406D-9E82-4B2B-8065-FEB797DE65B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "68F6B255-EE77-48BA-AEEE-9395C85BF274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "2692C0E3-9A82-42BA-A80D-8A0D72FD3164",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution."
},
{
"lang": "es",
"value": "Una vulnerabilidad explotable de desbordamiento de pila en el c\u00f3digo de manejo AcCellMargin en Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD , Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018 y Autodesk Civil 3D 2018. Un archivo DXF especialmente creado con muchos m\u00e1rgenes de celda que pueblan un objeto AcCellMargin puede generar un desbordamiento de pila, lo que conlleva a la ejecuci\u00f3n del c\u00f3digo."
}
],
"id": "CVE-2019-7359",
"lastModified": "2024-11-21T04:48:05.663",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-09T20:30:21.287",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-23 20:15
Modified
2024-11-21 04:48
Severity ?
Summary
DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@autodesk.com | https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "CB72BEDD-3A76-44B8-8192-D4F12C87488D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "461B3C59-740C-4530-80DA-23DD38A0EEB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "963B02A8-97DE-4C10-9AE1-3DA4FBC9AF9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "8C4543D1-94E4-4470-91BF-6F3141FD9DAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "D45E4513-4F91-492F-ABFA-E67EAEB3514C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2610D4-81E7-4B85-9147-C3F24895EDB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "411DC826-735A-4BEB-84BE-9250F97F612E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "E30E2562-D38E-4764-874E-5B2FCF5639E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "65CA52C5-9F62-455C-949C-4AE00FDDFA09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "ECDE64CF-3527-4C9A-9672-E2FA3BCC8B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9275E76C-2A79-462A-A9D3-D0B6BBCDD0CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DFA12E-48C5-47B9-BD9F-1AFACBF4E1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "D93A0DCA-DE9C-4A0E-8EC3-46B1B32D88EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2B0DF8-8827-4CF2-94F1-D2871FA5095F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "A10DE5AF-1718-4899-9238-CFFDC72D05B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "E388264D-D2D4-4BE4-9097-8F547D73ABE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "36D3F11C-900E-436C-A628-75CE5218489B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "85BF0890-5AE7-46BA-8FD4-667B20081A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "03682B7E-1CF1-4456-A51F-A6ADFC177935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "371C5F60-4959-40C7-93E1-A01510A95115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "7773B26C-12D3-4D00-990D-16F6978302A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C4F749-A0C3-4C25-B5FC-CE3E49AFF8F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "04E05510-B21B-4DDD-88D7-CEB8963E1AFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "D4CD010A-FDBC-40F9-95AC-0CD8388B85D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "A591011C-4E67-497D-89B4-6F32460EEF1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "E34DF2FB-6A4F-4060-9DE4-EE635D9056E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "19255CEC-6161-4D44-B87E-52E86DF4FBA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7147F378-DFB0-48A8-8B05-8777E1CC7F90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "01D7FD7C-B818-4FA1-A845-6721729274EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "BA943872-F736-4EC2-8328-9AABCAE08154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "3F608B1C-BA96-4EA8-A540-83870262CBC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7CFAAD19-6248-42CB-B177-EC2E5141A953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_p\\\u0026id:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "166A2A40-5073-4072-BBF9-5593FA052680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "15F0D764-62D6-4729-BB98-8C4BEBACD45A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "68F6B255-EE77-48BA-AEEE-9395C85BF274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "4E536B0D-4C95-4589-981A-2F8A6C4B44DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBDD3AC-FA00-462F-AA13-5A75B5D50689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "6AAAC86E-4D30-4A33-AC84-57486A7C26D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "2692C0E3-9A82-42BA-A80D-8A0D72FD3164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "7F8A4F1F-0D78-41FB-BB62-4A6164AC0F51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A4C41C-E547-4693-8C53-E21A56323D52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P\u0026ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution."
},
{
"lang": "es",
"value": "Vulnerabilidad de precarga de DLL en las versiones 2017, 2018, 2019 y 2020 de Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D y la versi\u00f3n 2017 de AutoCAD P\u0026ID. Un atacante puede enga\u00f1ar a un usuario para que abra un archivo DWG malicioso que puede aprovechar una vulnerabilidad de precarga de DLL en AutoCAD que puede provocar la ejecuci\u00f3n del c\u00f3digo."
}
],
"id": "CVE-2019-7364",
"lastModified": "2024-11-21T04:48:06.343",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-23T20:15:10.690",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2019-7359
Vulnerability from cvelistv5
Published
2019-04-09 19:22
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | Autodesk Advance Steel |
Version: 2018 |
||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Map 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD P\u0026ID",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-13T16:26:16",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2019-7359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk Advance Steel",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Architecture",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Electrical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Map 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Mechanical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD MEP",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD P\u0026ID",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD LT",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk Civil 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
}
]
},
"vendor_name": "Autodesk"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2019-7359",
"datePublished": "2019-04-09T19:22:56",
"dateReserved": "2019-02-04T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7364
Vulnerability from cvelistv5
Published
2019-08-23 19:36
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D, AutoCAD P&ID |
Version: 2017, 2018, 2019, 2020 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.182Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D, AutoCAD P\u0026ID",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2017, 2018, 2019, 2020"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P\u0026ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL preloading vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-23T19:36:17",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2019-7364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D, AutoCAD P\u0026ID",
"version": {
"version_data": [
{
"version_value": "2017, 2018, 2019, 2020"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P\u0026ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL preloading vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002",
"refsource": "CONFIRM",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2019-7364",
"datePublished": "2019-08-23T19:36:17",
"dateReserved": "2019-02-04T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7360
Vulnerability from cvelistv5
Published
2019-04-09 19:21
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | Autodesk Civil 3D |
Version: 2018 |
||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Map 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD P\u0026ID",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-13T16:32:48",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2019-7360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk Civil 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk Advance Steel",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Architecture",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Electrical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Map 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Mechanical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD MEP",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD P\u0026ID",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD LT",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
}
]
},
"vendor_name": "Autodesk"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2019-7360",
"datePublished": "2019-04-09T19:21:46",
"dateReserved": "2019-02-04T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7358
Vulnerability from cvelistv5
Published
2019-04-09 19:22
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | Autodesk AutoCAD LT |
Version: 2018 |
||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Map 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD P\u0026ID",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T19:22:39",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2019-7358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk AutoCAD LT",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk Civil 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk Advance Steel",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Architecture",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Electrical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Map 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Mechanical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD MEP",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD P\u0026ID",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
}
]
},
"vendor_name": "Autodesk"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2019-7358",
"datePublished": "2019-04-09T19:22:39",
"dateReserved": "2019-02-04T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3665
Vulnerability from cvelistv5
Published
2013-07-18 14:00
Modified
2024-09-17 04:23
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://usa.autodesk.com/adsk/servlet/ps/dl/item?id=21972896&linkID=9240618&siteID=123112 | x_refsource_CONFIRM | |
| http://images.autodesk.com/adsk/files/Autodesk_AutoCAD_Code_Execution_Vulnerability_Hotfix_Readme.pdf | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?id=21972896\u0026linkID=9240618\u0026siteID=123112"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://images.autodesk.com/adsk/files/Autodesk_AutoCAD_Code_Execution_Vulnerability_Hotfix_Readme.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-18T14:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?id=21972896\u0026linkID=9240618\u0026siteID=123112"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://images.autodesk.com/adsk/files/Autodesk_AutoCAD_Code_Execution_Vulnerability_Hotfix_Readme.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3665",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?id=21972896\u0026linkID=9240618\u0026siteID=123112",
"refsource": "CONFIRM",
"url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?id=21972896\u0026linkID=9240618\u0026siteID=123112"
},
{
"name": "http://images.autodesk.com/adsk/files/Autodesk_AutoCAD_Code_Execution_Vulnerability_Hotfix_Readme.pdf",
"refsource": "CONFIRM",
"url": "http://images.autodesk.com/adsk/files/Autodesk_AutoCAD_Code_Execution_Vulnerability_Hotfix_Readme.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3665",
"datePublished": "2013-07-18T14:00:00Z",
"dateReserved": "2013-05-24T00:00:00Z",
"dateUpdated": "2024-09-17T04:23:51.677Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7361
Vulnerability from cvelistv5
Published
2019-04-09 19:22
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | Autodesk Civil 3D |
Version: 2018 |
||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Map 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD P\u0026ID",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
},
{
"product": "Autodesk AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Deserialization of Untrusted Data",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T19:22:15",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2019-7361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk Civil 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk Advance Steel",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Architecture",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Electrical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Map 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Mechanical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD MEP",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD P\u0026ID",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD LT",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
}
]
},
"vendor_name": "Autodesk"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P\u0026ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2019-7361",
"datePublished": "2019-04-09T19:22:15",
"dateReserved": "2019-02-04T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}