CVE-2019-7364

Опубликовано: 23 авг. 2019

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution.

Ссылки

https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002
Patch
Vendor Advisory
https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:autodesk:advance_steel:2017:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:advance_steel:2018:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:advance_steel:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:advance_steel:2020:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad:2017:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad:2018:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad:2020:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_architecture:2017:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_architecture:2018:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_architecture:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_architecture:2020:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_electrical:2017:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_electrical:2018:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_electrical:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_electrical:2020:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_lt:2017:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_lt:2018:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_lt:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_lt:2020:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_map_3d:2017:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_map_3d:2018:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_map_3d:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_map_3d:2020:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_mechanical:2017:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_mechanical:2018:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_mechanical:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_mechanical:2020:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_mep:2017:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_mep:2018:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_mep:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_mep:2020:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_p\&id:2017:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_plant_3d:2017:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_plant_3d:2018:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_plant_3d:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:autocad_plant_3d:2020:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:civil_3d:2017:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:civil_3d:2018:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:civil_3d:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:civil_3d:2020:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.00316

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-427

Связанные уязвимости

GHSA-68xj-rhqv-3cc9