Which software is affected by CVE-2023-27911?

Visual Studio 2022 (version 17.2), Visual Studio 2017 (includes 15.0 - 15.8), Visual Studio 2015, Visual Studio 2022 (version 17.4), Visual Studio 2022 (version 17.0), Visual Studio 2013, Visual Studio 2019 (includes 16.0 - 16.10), Office LTSC 2021 for 32-bit editions, Office 2019 for 64-bit editions, Office LTSC 2021 for 64-bit editions, Microsoft 365 Apps for Enterprise (x86), Office 2019 for 32-bit editions, Microsoft 365 Apps for Enterprise (x86_64), and Microsoft 3D Viewer are affected by CVE-2023-27911.

What is the severity of CVE-2023-27911?

CVE-2023-27911 has a severity rating of high (7).

How can I fix CVE-2023-27911 for Visual Studio 2022 (version 17.2)?

You can find the necessary patches or updates for Visual Studio 2022 (version 17.2) at [this URL](https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.2).

How can I fix CVE-2023-27911 for Visual Studio 2019 (includes 16.0 - 16.10)?

You can find the necessary patches or updates for Visual Studio 2019 (includes 16.0 - 16.10) at [this URL](https://my.visualstudio.com/Downloads?q=Visual Studio 2019 version 16.11).

Vulnerability/
CVE-2023-27911

high

7.8

CWE

119 787

17/4/2023

2/8/2024

CVE-2023-27911: Buffer Overflow

Q: What is CVE-2023-27911?

CVE-2023-27911 is a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior.

First published: Mon Apr 17 2023(Updated: )

A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution.

Credit: psirt@autodesk.com

Affected Software	Affected Version	How to fix
Autodesk FBX Software Development Kit	>=2020.0<2020.3.4
Microsoft 365 Apps for Enterprise		fix available externally
Microsoft 365 Apps for Enterprise		fix available externally
Microsoft Visual Studio 2015	=3	fix available externally
Microsoft Office LTSC 2021 for 32-bit editions		fix available externally
Microsoft 3D Viewer		fix available externally
Microsoft Visual Studio 2017 (includes 15.0 - 15.8)	=15.9	fix available externally
Microsoft Office 2019 for 64-bit editions		fix available externally
Microsoft Visual Studio 2013	=5	fix available externally
Microsoft Visual Studio 2019 (includes 16.0 - 16.10)	=16.11	fix available externally
Microsoft Office 2019 for 32-bit editions		fix available externally
Microsoft Office LTSC 2021 for 64-bit editions		fix available externally
Microsoft Visual Studio 2022	=17.6	fix available externally
Microsoft Visual Studio 2022	=17.0	fix available externally
Microsoft Visual Studio 2022	=17.2	fix available externally
Microsoft Visio 2016		fix available externally
Microsoft Visual Studio 2022	=17.8	fix available externally
Microsoft Visio 2016		fix available externally

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2023-27911?
CVE-2023-27911 is a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior.
Which software is affected by CVE-2023-27911?
Visual Studio 2022 (version 17.2), Visual Studio 2017 (includes 15.0 - 15.8), Visual Studio 2015, Visual Studio 2022 (version 17.4), Visual Studio 2022 (version 17.0), Visual Studio 2013, Visual Studio 2019 (includes 16.0 - 16.10), Office LTSC 2021 for 32-bit editions, Office 2019 for 64-bit editions, Office LTSC 2021 for 64-bit editions, Microsoft 365 Apps for Enterprise (x86), Office 2019 for 32-bit editions, Microsoft 365 Apps for Enterprise (x86_64), and Microsoft 3D Viewer are affected by CVE-2023-27911.
What is the severity of CVE-2023-27911?
CVE-2023-27911 has a severity rating of high (7).
How can I fix CVE-2023-27911 for Visual Studio 2022 (version 17.2)?
You can find the necessary patches or updates for Visual Studio 2022 (version 17.2) at [this URL](https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.2).
How can I fix CVE-2023-27911 for Visual Studio 2019 (includes 16.0 - 16.10)?
You can find the necessary patches or updates for Visual Studio 2019 (includes 16.0 - 16.10) at [this URL](https://my.visualstudio.com/Downloads?q=Visual Studio 2019 version 16.11).

collector/nvd-index
agent/type
agent/first-publish-date
agent/references
collector/msrc-cve
source/Microsoft
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/author
agent/weakness
agent/description
agent/severity
collector/msrc
agent/last-modified-date
agent/event
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
vendor/autodesk
canonical/autodesk fbx software development kit
version/autodesk fbx software development kit/2020.0
vendor/microsoft
canonical/microsoft 365 apps for enterprise
canonical/microsoft visual studio 2015
version/microsoft visual studio 2015/3
canonical/microsoft office ltsc 2021 for 32-bit editions
canonical/microsoft 3d viewer
canonical/microsoft visual studio 2017 (includes 15.0 - 15.8)
version/microsoft visual studio 2017 (includes 15.0 - 15.8)/15.9
canonical/microsoft office 2019 for 64-bit editions
canonical/microsoft visual studio 2013
version/microsoft visual studio 2013/5
canonical/microsoft visual studio 2019 (includes 16.0 - 16.10)
version/microsoft visual studio 2019 (includes 16.0 - 16.10)/16.11
canonical/microsoft office 2019 for 32-bit editions
canonical/microsoft office ltsc 2021 for 64-bit editions
canonical/microsoft visual studio 2022
version/microsoft visual studio 2022/17.6
version/microsoft visual studio 2022/17.0
version/microsoft visual studio 2022/17.4
version/microsoft visual studio 2022/17.2
version/microsoft visual studio 2022/17.8
canonical/microsoft visio 2016
version/microsoft visual studio 2022/17.9

CVE-2023-27911: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2023-27911?

Which software is affected by CVE-2023-27911?

What is the severity of CVE-2023-27911?

How can I fix CVE-2023-27911 for Visual Studio 2022 (version 17.2)?

How can I fix CVE-2023-27911 for Visual Studio 2019 (includes 16.0 - 16.10)?

Company

Resources

Contact