CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27909 – Microsoft Office Word FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27909
17 Apr 2023 — An Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the l... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27910
https://notcve.org/view.php?id=CVE-2023-27910
17 Apr 2023 — A user may be tricked into opening a malicious FBX file that may exploit a stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27911 – Microsoft 3D Viewer FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27911
17 Apr 2023 — A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41302
https://notcve.org/view.php?id=CVE-2022-41302
14 Oct 2022 — An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure through maliciously crafted FBX files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. Una vulnerabilidad de lectura fuera de límites en Autodesk FBX SDK versión 2020. y anteriores puede conllevar a una ejecución de código o una divulgación de información mediante archivos FBX diseñados de forma m... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41303
https://notcve.org/view.php?id=CVE-2022-41303
14 Oct 2022 — A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system. Un usuario puede ser engañado para abrir un archivo FBX malicioso que puede explotar una vulnerabilidad de uso de memoria previamente liberada en Autodesk FBX SDK versión 2020 causando que la aplicación haga referencia a una ubica... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41304
https://notcve.org/view.php?id=CVE-2022-41304
14 Oct 2022 — An Out-Of-Bounds Write Vulnerability in Autodesk FBX SDK 2020 version and prior may lead to code execution through maliciously crafted FBX files or information disclosure. Una vulnerabilidad de escritura fuera de límites en Autodesk FBX SDK versión 2020 y anteriores, puede conllevar a una ejecución de código a mediante archivos FBX diseñados de forma maliciosa o una divulgación de información • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7085
https://notcve.org/view.php?id=CVE-2020-7085
17 Apr 2020 — A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2 and earlier may lead to arbitrary code execution on a system running it. Una vulnerabilidad de desbordamiento de pila (heap) en Autodesk FBX-SDK versiones 2019.2 y anteriores, puede conllevar a una ejecución de código arbitraria en un sistema que lo ejecute. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7084
https://notcve.org/view.php?id=CVE-2020-7084
17 Apr 2020 — A NULL pointer dereference vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application. Una vulnerabilidad de desbordamiento del puntero NULL en Autodesk FBX-SDK versiones 2019.0 y anteriores, puede conllevar a una denegación de servicio de la aplicación. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7083
https://notcve.org/view.php?id=CVE-2020-7083
17 Apr 2020 — An intager overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application. Una vulnerabilidad de desbordamiento de enteros en Autodesk FBX-SDK versiones 2019.0 y anteriores, puede conllevar a una denegación de servicio de la aplicación. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7082
https://notcve.org/view.php?id=CVE-2020-7082
17 Apr 2020 — A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to code execution on a system running it. Una vulnerabilidad de uso de la memoria previamente liberada en Autodesk FBX-SDK versiones 2019.0 y anteriores, puede conllevar a una ejecución de código en un sistema que lo ejecute. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002 • CWE-416: Use After Free •