First published: Tue Apr 09 2019(Updated: )
An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution.
Credit: psirt@autodesk.com psirt@autodesk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Autodesk Advance Steel | =2018 | |
Autodesk Autocad | =2018 | |
Autodesk AutoCAD Architecture | =2018 | |
Autodesk AutoCAD Electrical | =2018 | |
Autodesk Autocad Lt | =2018 | |
Autodesk AutoCAD Map 3D | =2018 | |
Autodesk AutoCAD Mechanical | =2018 | |
Autodesk AutoCAD MEP | =2018 | |
Autodesk Autocad P\&id | =2018 | |
Autodesk AutoCAD Plant 3D | =2018 | |
Autodesk Civil 3D | =2018 | |
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-7358 is an exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk products.
Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018.
CVE-2019-7358 has a severity rating of 7.8 out of 10.
Apply the necessary security patches provided by Autodesk to fix CVE-2019-7358.
You can find more information about CVE-2019-7358 on Autodesk's security advisories page: https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001