First published: Tue Apr 09 2019(Updated: )
An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution.
Credit: psirt@autodesk.com psirt@autodesk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Autodesk Advance Steel | =2018 | |
Autodesk Autocad | =2018 | |
Autodesk AutoCAD Architecture | =2018 | |
Autodesk AutoCAD Electrical | =2018 | |
Autodesk Autocad Lt | =2018 | |
Autodesk AutoCAD Map 3D | =2018 | |
Autodesk AutoCAD Mechanical | =2018 | |
Autodesk AutoCAD MEP | =2018 | |
Autodesk Autocad P\&id | =2018 | |
Autodesk AutoCAD Plant 3D | =2018 | |
Autodesk Civil 3D | =2018 | |
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2019-7360 is high with a score of 7.8.
Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD LT 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, and Autodesk Civil 3D 2018 are affected by CVE-2019-7360.
CVE-2019-7360 is an exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk software.
The vulnerability in Autodesk software with CVE-2019-7360 has a high severity level.
You can find more information about CVE-2019-7360 at https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001.