Page 23 of 173 results (0.007 seconds)

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code. Un archivo DWG diseñado maliciosamente en Autodesk Navisworks versiones 2019, 2020, 2021, 2022, puede ser forzado a escribir más allá de los límites asignados cuando se analizan los archivos DWG. Esta vulnerabilidad puede ser explotada para ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0009 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files. Una vulnerabilidad de corrupción de memoria para archivos PDF en Autodesk Navisworks versiones 2019, 2020, 2021, 2022, puede conllevar a una ejecución de código mediante archivos DLL maliciosamente diseñados This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0008 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code. Un archivo PDF diseñado maliciosamente en Autodesk Navisworks versiones 2019, 2020, 2021, 2022, puede ser forzado a leer más allá de los límites asignados cuando se analiza el archivo PDF. Esta vulnerabilidad puede ser explotada para ejecutar código arbitrario This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autodesk Navisworks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0008 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code. Un archivo DWG diseñado maliciosamente en Autodesk Navisworks versiones 2019, 2020, 2021, 2022, puede ser forzado a leer más allá de los límites asignados cuando se analizan los archivos DWG. Esta vulnerabilidad puede ser explotada para ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0009 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

A Type Confusion vulnerability in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can occur when processing a maliciously crafted PDF file. A malicious actor can leverage this to execute arbitrary code. Una vulnerabilidad de confusión de tipo en Autodesk Design Review 2018, 2017, 2013, 2012, 2011 puede ocurrir al procesar un archivo PDF maliciosamente diseñado. Un actor malicioso puede aprovechar esto para ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •