CVSS: 10.0EPSS: 0%CPEs: 22EXPL: 0CVE-2023-29073 – Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-29073
19 Sep 2023 — A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo MODEL creado con fines malintencionados, cuando se analiza mediante Autodesk AutoCAD 2024 y 2023, se puede utilizar para provocar un desbordamiento del búfer basado en el heap. Un actor malintencionado puede apro... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 22EXPL: 0CVE-2023-29074 – Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-29074
19 Sep 2023 — A maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo CATPART creado con fines malintencionados, cuando se analiza mediante Autodesk AutoCAD 2024 y 2023, se puede utilizar para provocar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta v... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 22EXPL: 0CVE-2023-29075 – Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-29075
19 Sep 2023 — A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo PRT creado con fines malintencionados, cuando se analiza mediante Autodesk AutoCAD 2024 y 2023, se puede utilizar para provocar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabi... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 22EXPL: 0CVE-2023-29076 – Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-29076
19 Sep 2023 — A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. Un archivo MODEL, SLDASM, SAT o CATPART creado con fines malintencionados cuando se analiza mediante Autodesk AutoCAD 2024 y 2023 podría causar una vulnerabilidad de corrupción de memoria. Esta vulnerabilidad, junto con otras vulnerabilidades, podría p... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2023-41139 – Autodesk AutoCAD STP File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-41139
19 Sep 2023 — A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. Un archivo STP creado con fines malintencionados, cuando se analiza mediante Autodesk AutoCAD 2024 y 2023, se puede utilizar para eliminar la referencia a un puntero que no es de confianza. Esta vulnerabilidad, junto con otras vulnerabilidades, podría provocar la ejecución ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2023-41140 – Autodesk AutoCAD PRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-41140
19 Sep 2023 — A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo PRT creado con fines malintencionados, cuando se analiza mediante Autodesk AutoCAD 2024 y 2023, se puede utilizar para provocar un desbordamiento del búfer basado en el heap. Un actor malintencionado puede aprovech... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2022-33889
https://notcve.org/view.php?id=CVE-2022-33889
03 Oct 2022 — A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution. Un archivo GIF o JPEG diseñado de forma maliciosa cuando es analizado mediante Autodesk Design Review versión 2018 y AutoCAD versiones 2023 y 2022, podría usarse para escribir más allá del búfer de la pila asignado. Esta vulnerabilidad podría conllevar a una ejecución de código ar... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2022-33890
https://notcve.org/view.php?id=CVE-2022-33890
03 Oct 2022 — A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. Un archivo PCT o DWF malicioso cuando se consume a través de la aplicación DesignReview.exe podría llevar a una vulnerabilidad de corrupción de memoria por violación de acceso de lectura. Esta vulnerabilidad, junto con otr... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 56EXPL: 0CVE-2013-3665 – AutoCAD DWG-AC1021 Heap Corruption
https://notcve.org/view.php?id=CVE-2013-3665
18 Jul 2013 — Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file. Vulnerabilidad no especificada en Autodesk AutoCAD hasta 2014, AutoCAD LT hasta 2014 y DWG TrueView hasta 2014, permite a atacantes remotos ejecutar código arbitrario a través de un archivo DWG diseñado. AutoCAD DWG-AC1021 suffers from an arbitrary pointer dereference vulnerability that can be exploited to compromise a sy... • http://images.autodesk.com/adsk/files/Autodesk_AutoCAD_Code_Execution_Vulnerability_Hotfix_Readme.pdf •