Vulnerabilities > Autodesk > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-04-09 CVE-2019-7360 Use After Free vulnerability in Autodesk products
An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018.
network
autodesk CWE-416
6.8
6.8
2019-04-09 CVE-2019-7359 Out-of-bounds Write vulnerability in Autodesk products
An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018.
network
autodesk CWE-787
6.8
6.8
2019-04-09 CVE-2019-7358 Out-of-bounds Write vulnerability in Autodesk products
An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018.
network
autodesk CWE-787
6.8
6.8
2017-01-25 CVE-2016-9304 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Software Development KIT
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DFX format files.
network
autodesk CWE-119
6.8
6.8
2015-12-15 CVE-2015-8572 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk Design Review 2013
Multiple buffer overflows in Autodesk Design Review (ADR) before 2013 Hotfix 2 allow remote attackers to execute arbitrary code via crafted RLE data in a (1) BMP or (2) FLI file, (3) encoded scan lines in a PCX file, or (4) DataSubBlock or (5) GlobalColorTable in a GIF file.
network
autodesk CWE-119
6.8
6.8
2015-12-15 CVE-2015-8571 Numeric Errors vulnerability in Autodesk Design Review 2013
Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 allows remote attackers to execute arbitrary code via a crafted biClrUsed value in a BMP file, which triggers a buffer overflow.
network
autodesk CWE-189
6.8
6.8
2014-12-08 CVE-2014-9268 Improper Input Validation vulnerability in Autodesk Design Review 2011/2012/2013
The AdView.AdViewer.1 ActiveX control in Autodesk Design Review (ADR) before 2013 Hotfix 1 allows remote attackers to execute arbitrary code via a crafted DWF file.
network
autodesk CWE-20
6.8
6.8
2014-02-22 CVE-2014-0819 Improper Input Validation vulnerability in Autodesk Autocad
Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges via a Trojan horse DLL in the current working directory. 		4.4
4.4
2013-07-18 CVE-2013-3665 Unspecified vulnerability in Autodesk products
Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file.
network
autodesk
6.8
6.8
2012-09-07 CVE-2010-5241 Unspecified vulnerability in Autodesk Autocad 2010
Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) IBFS32.DLL file in the current working directory, as demonstrated by a directory that contains a .dwg file.
local
autodesk
6.9
6.9