CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27909 – Microsoft Office Word FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27909
17 Apr 2023 — An Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the l... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27910
https://notcve.org/view.php?id=CVE-2023-27910
17 Apr 2023 — A user may be tricked into opening a malicious FBX file that may exploit a stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27911 – Microsoft 3D Viewer FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27911
17 Apr 2023 — A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41302
https://notcve.org/view.php?id=CVE-2022-41302
14 Oct 2022 — An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure through maliciously crafted FBX files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. Una vulnerabilidad de lectura fuera de límites en Autodesk FBX SDK versión 2020. y anteriores puede conllevar a una ejecución de código o una divulgación de información mediante archivos FBX diseñados de forma m... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41303
https://notcve.org/view.php?id=CVE-2022-41303
14 Oct 2022 — A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system. Un usuario puede ser engañado para abrir un archivo FBX malicioso que puede explotar una vulnerabilidad de uso de memoria previamente liberada en Autodesk FBX SDK versión 2020 causando que la aplicación haga referencia a una ubica... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41304
https://notcve.org/view.php?id=CVE-2022-41304
14 Oct 2022 — An Out-Of-Bounds Write Vulnerability in Autodesk FBX SDK 2020 version and prior may lead to code execution through maliciously crafted FBX files or information disclosure. Una vulnerabilidad de escritura fuera de límites en Autodesk FBX SDK versión 2020 y anteriores, puede conllevar a una ejecución de código a mediante archivos FBX diseñados de forma maliciosa o una divulgación de información • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022 • CWE-787: Out-of-bounds Write •