Lucene search

K

[email protected]NVD:CVE-2024-23140

HistoryJun 25, 2024 - 2:15 a.m.

CVE-2024-23140

2024-06-2502:15:10

CWE-125

[email protected]

web.nvd.nist.gov

5

malicious file

vulnerability

autodesk applications

0.001 Low

EPSS

Percentile

29.0%

A maliciously crafted 3DM and MODEL file, when parsed in opennurbs.dll and atf_api.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

References

www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009

0.001 Low

EPSS

Percentile

29.0%

Related for NVD:CVE-2024-23140

zdi2 vulnrichment1 cvelist1 cve1 nessus1