Описание
A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:autodesk:3ds_max:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:3ds_max:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:navisworks:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:navisworks:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:revit:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:vred:2023:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00188
Низкий
7.8 High
CVSS3
Дефекты
CWE-416
Связанные уязвимости
CVSS3: 7.8
github
больше 2 лет назад
A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
EPSS
Процентиль: 41%
0.00188
Низкий
7.8 High
CVSS3
Дефекты
CWE-416