A malicious user with limited privileges could run any number of tools on a system to identify services that are configured with weak permissions and are running under elevated privileges. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.Īutodesk Licensing Installer was found to be vulnerable to privilege escalation issues.
#AUTODESK BACKBURNER 2017 PDF#
This vulnerability can be exploited to execute arbitrary code.Ī Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review. This vulnerability can be exploited to execute arbitrary code.Ī heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011.
This vulnerability can be exploited to execute arbitrary code.Ī maliciously crafted TIFF, PICT, TGA, or DWF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA or DWF files. This vulnerability can be exploited by remote attackers to execute arbitrary code.Ī maliciously crafted PCX, PICT, RCL or TIFF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to write beyond the allocated buffer while parsing PCX, PDF, PICT, RCL or TIFF files. An attacker can leverage this to execute arbitrary code.Ī maliciously crafted PNG, PDF or DWF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to attempt to free an object that has already been freed while parsing them. This vulnerability can be exploited to execute arbitrary code.Ī Type Confusion vulnerability in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can occur when processing a maliciously crafted PDF file.
#AUTODESK BACKBURNER 2017 FULL#
In order to exploit this the attacker would need the victim to enable full page heap in the application.Ī maliciously crafted TIFF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be forced to read and write beyond allocated boundaries when parsing the TIFF file. This vulnerability can be exploited to execute arbitrary code.Ī Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure.Īn Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths. When a user opens manipulated Autodesk 3D Studio for MS-DOS (.3DS) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.Ī Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files.Ī maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file.
This vulnerability can be exploited to execute arbitrary code.
This vulnerability can be exploited to execute arbitrary code.Ī maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary codeĪ maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. A Memory Corruption Vulnerability in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 and prior may lead to remote code execution through maliciously crafted DWF and TGA files.Īn Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 may lead to code execution through maliciously crafted JT files.Ī maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 may be forced to read beyond allocated boundaries when parsing the JT file.
0 kommentar(er)
