This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. CVE-2024-23128: A maliciously crafted MODEL file in libodxdll.dll when parsed through Autodesk AutoCAD could lead to a memory corruption vulnerability by write access violation.A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. CVE-2024-23127: A maliciously crafted MODEL, SLDPRT or SLDASM file in VCRUNTIME140.dll when parsed through Autodesk AutoCAD can be used to cause a Heap-based Overflow.CVE-2024-23126 : A maliciously crafted CATPART file in CC5Dll.dll when parsed through Autodesk AutoCAD can be used to cause a Stack-based Overflow.CVE-2024-23125: A maliciously crafted SLDPRT file in ODXSW_DLL.dll when parsed through Autodesk AutoCAD can be used to cause a Stack-based Overflow.A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. CVE-2024-23124: A maliciously crafted STP file in ASMIMPORT228A.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write.CVE-2024-23123: A maliciously crafted CATPART file in CC5Dll.dll or ASMBASE228A.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write. CVE-2024-23122: A maliciously crafted 3DM file in opennurbs.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write.CVE-2024-23121: A maliciously crafted MODEL file in libodxdll.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write.CVE-2024-23120: A maliciously crafted STP file in ASMIMPORT228A.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write.CVE-2024-0446: A maliciously crafted STP, CATPART or MODEL file in ASMKERN228A.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write.The details of the vulnerabilities are as follows:
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |