First published: Tue Apr 09 2019(Updated: )
An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution.
Credit: psirt@autodesk.com psirt@autodesk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Autodesk Advance Steel | =2018 | |
Autodesk Autocad | =2018 | |
Autodesk AutoCAD Architecture | =2018 | |
Autodesk AutoCAD Electrical | =2018 | |
Autodesk Autocad Lt | =2018 | |
Autodesk AutoCAD Map 3D | =2018 | |
Autodesk AutoCAD Mechanical | =2018 | |
Autodesk AutoCAD MEP | =2018 | |
Autodesk Autocad P\&id | =2018 | |
Autodesk AutoCAD Plant 3D | =2018 | |
Autodesk Civil 3D | =2018 | |
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-7359 is a heap overflow vulnerability in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, and other affected software products.
CVE-2019-7359 has a severity rating of 7.8 (High).
The vulnerability affects Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, and other related versions.
The CWE ID for CVE-2019-7359 is CWE-787.
To fix CVE-2019-7359, update to the latest version of the affected software provided by Autodesk.