Описание
AutoDesk: CVE-2023-27911 Heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior
FAQ
Why is this AutoDesk CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in AutoDesk software which is consumed by the Microsoft products listed in the Security Updates table. It is being documented in the Security Update Guide to announce that the latest builds of these products are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Visual Studio 2013 Update 5 | ||
| Microsoft Visual Studio 2015 Update 3 | ||
| Microsoft Visio 2016 (32-bit edition) | - | |
| Microsoft Visio 2016 (64-bit edition) | - | |
| Microsoft Office 2019 for 32-bit editions | - | |
| Microsoft Office 2019 for 64-bit editions | - | |
| Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | ||
| 3D Viewer | ||
| Microsoft 365 Apps for Enterprise for 32-bit Systems | - | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | - |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
7.8 High
CVSS3
Связанные уязвимости
A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution.
A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution.
Уязвимость набора инструментов и библиотек для создания, импорта и экспорта 3D-моделей Autodesk FBX SDK, связанная с записью за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код
EPSS
7.8 High
CVSS3