CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7359
https://notcve.org/view.php?id=CVE-2019-7359
An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution. Una vulnerabilidad explotable de desbordamiento de pila en el código de manejo AcCellMargin en Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD , Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018 y Autodesk Civil 3D 2018. Un archivo DXF especialmente creado con muchos márgenes de celda que pueblan un objeto AcCellMargin puede generar un desbordamiento de pila, lo que conlleva a la ejecución del código. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7358
https://notcve.org/view.php?id=CVE-2019-7358
An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution. Se presenta una vulnerabilidad explotable de desbordamiento de pila en la funcionalidad DXF-parsing en Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P & ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018 y Autodesk Civil 3D 2018. Un archivo DXF especialmente creado puede generar un desbordamiento de pila, lo que resulta en la ejecución de código malicioso. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7361
https://notcve.org/view.php?id=CVE-2019-7361
An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. Un atacante puede convencer a una víctima para abrir un archivo micro de acción maliciosa (.actm) que tiene datos serializados, lo que puede desencadenar una ejecución de código en Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P & ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018 y Autodesk Civil 3D 2018. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7360
https://notcve.org/view.php?id=CVE-2019-7360
An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution. Una vulnerabilidad explotable de uso de memoria previamente liberada (use-after-free) de la funcionalidad de análisis DXF en Parodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018 Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018 y Autodesk Civil 3D 2018. Un archivo DXF especialmente creado puede desencadenar un use-after-free, lo que conlleva a la ejecución del código. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 56EXPL: 0CVE-2013-3665
https://notcve.org/view.php?id=CVE-2013-3665
Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file. Vulnerabilidad no especificada en Autodesk AutoCAD hasta 2014, AutoCAD LT hasta 2014 y DWG TrueView hasta 2014, permite a atacantes remotos ejecutar código arbitrario a través de un archivo DWG diseñado. • http://images.autodesk.com/adsk/files/Autodesk_AutoCAD_Code_Execution_Vulnerability_Hotfix_Readme.pdf http://usa.autodesk.com/adsk/servlet/ps/dl/item?id=21972896&linkID=9240618&siteID=123112 •