CVE-2024-23134

2024-02-2205:15:09

CWE-416

[email protected]

web.nvd.nist.gov

maliciously crafted igs file

tbb.dll

user-after-free

code execution

current process

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.9%

JSON

A maliciously crafted IGS file in tbb.dll when parsed through Autodesk AutoCAD can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

References

www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002

www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004

www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009