Описание
A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:autodesk:navisworks:2019:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:navisworks:2020:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:navisworks:2021:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:navisworks:2022:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00418
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
github
больше 3 лет назад
A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code.
EPSS
Процентиль: 61%
0.00418
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-125