7.8
CVE-2019-7360
- EPSS 0.68%
- Veröffentlicht 09.04.2019 20:30:21
- Zuletzt bearbeitet 21.11.2024 04:48:05
- Quelle psirt@autodesk.com
- CVE-Watchlists
- Unerledigt
LoginAn exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Autodesk ≫ Advance Steel Version2018
Autodesk ≫ Autocad Architecture Version2018
Autodesk ≫ Autocad Electrical Version2018
Autodesk ≫ Autocad Lt Version2018
Autodesk ≫ Autocad Map 3d Version2018
Autodesk ≫ Autocad Mechanical Version2018
Autodesk ≫ Autocad Mep Version2018
Autodesk ≫ Autocad P&id Version2018
Autodesk ≫ Autocad Plant 3d Version2018
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.68% | 0.691 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.