CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12197 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12197
17 Dec 2024 — A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary ... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12194 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12194
17 Dec 2024 — A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw e... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12179 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12179
17 Dec 2024 — A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or ex... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12193 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12193
17 Dec 2024 — A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary ... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12192 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12192
17 Dec 2024 — A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. A maliciously crafted DWF file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary co... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12191 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12191
17 Dec 2024 — A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary ... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12178 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12178
17 Dec 2024 — A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw e... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11422 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-11422
17 Dec 2024 — A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary ... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11608
https://notcve.org/view.php?id=CVE-2024-11608
09 Dec 2024 — A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0026 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11454 – Untrusted Search Path vulnerability in Autodesk Revit
https://notcve.org/view.php?id=CVE-2024-11454
09 Dec 2024 — A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized. • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0025 • CWE-426: Untrusted Search Path •