Vulnerabilities > Autodesk
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-07-23 | CVE-2014-3938 | Numeric Errors vulnerability in Autodesk Sketchbook PRO 6.2.4/6.2.5 Integer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer mask data in a PSD file, which triggers a heap-based buffer overflow. | 9.3 |
| 2014-07-07 | CVE-2014-2967 | OS Command Injection vulnerability in Autodesk Vred 2014 Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server. | 10.0 |
| 2014-04-02 | CVE-2013-5365 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Autodesk products Heap-based buffer overflow in Autodesk SketchBook for Enterprise 2014, Pro, and Express before 6.25, and Copic Edition before 2.0.2 allows remote attackers to execute arbitrary code via RLE-compressed channel data in a PSD file. | 9.3 |
| 2014-02-22 | CVE-2014-0819 | Improper Input Validation vulnerability in Autodesk Autocad Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | 4.4 |
| 2014-02-22 | CVE-2014-0818 | Code Injection vulnerability in Autodesk Autocad Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges and execute arbitrary VBScript code via a Trojan horse FAS file in the FAS file search path. | 7.5 |
| 2013-07-18 | CVE-2013-3665 | Unspecified vulnerability in Autodesk products Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file. network autodesk | 6.8 |
| 2012-09-07 | CVE-2010-5241 | Unspecified vulnerability in Autodesk Autocad 2010 Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) IBFS32.DLL file in the current working directory, as demonstrated by a directory that contains a .dwg file. local autodesk | 6.9 |
| 2012-09-07 | CVE-2010-5226 | Unspecified vulnerability in Autodesk Design Review 2011 11.0.0.86 Multiple untrusted search path vulnerabilities in Autodesk Design Review 2011 11.0.0.86 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll, (2) whiptk_wt.7.12.601.dll, or (3) xaml_wt.7.6.0.dll file in the current working directory, as demonstrated by a directory that contains a .dwf file. local autodesk | 6.9 |
| 2009-11-24 | CVE-2009-3578 | Code Injection vulnerability in Autodesk Alias Wavefront Maya and Autodesk Maya Autodesk Maya 8.0, 8.5, 2008, 2009, and 2010 and Alias Wavefront Maya 6.5 and 7.0 allow remote attackers to execute arbitrary code via a (1) .ma or (2) .mb file that uses the Maya Embedded Language (MEL) python command or unspecified other MEL commands, related to "Script Nodes." | 9.3 |
| 2009-11-24 | CVE-2009-3577 | Code Injection vulnerability in Autodesk 3DS MAX Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 allows remote attackers to execute arbitrary code via a .max file with a MAXScript statement that calls the DOSCommand method, related to "application callbacks." | 9.3 |