252 matches found
CVE-2014-9268
The CVE-2014-9268 entry concerns Autodesk Design Review’s AdView.AdViewer.1 ActiveX control. Affected component: AdView.AdViewer ActiveX in ADR prior to 2013 Hotfix 1. Root cause: improper parsing of DWF files enables an unauthenticated, remote attacker to execute arbitrary code. Impact: remote c...
Autodesk Design Review AdView.AdViewer.1 Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2010-5226
Multiple untrusted search path vulnerabilities in Autodesk Design Review 2011 11.0.0.86 allow local users to gain privileges via a Trojan horse 1 dwmapi.dll, 2 whiptkwt.7.12.601.dll, or 3 xamlwt.7.6.0.dll file in the current working directory, as demonstrated by a directory that contains a .dwf...
Design/Logic Flaw
Multiple untrusted search path vulnerabilities in Autodesk Design Review 2011 11.0.0.86 allow local users to gain privileges via a Trojan horse 1 dwmapi.dll, 2 whiptkwt.7.12.601.dll, or 3 xamlwt.7.6.0.dll file in the current working directory, as demonstrated by a directory that contains a .dwf...
CVE-2010-5226
Summary: CVE-2010-5226 affects Autodesk Design Review 2011 (version 11.0.0.86) and involves multiple untrusted search path vulnerabilities. The root cause is placing a Trojan horse through (1) dwmapi.dll, (2) whiptk_wt.7.12.601.dll, or (3) xaml_wt.7.6.0.dll in the current working directory, demon...
CVE-2010-5226
Multiple untrusted search path vulnerabilities in Autodesk Design Review 2011 11.0.0.86 allow local users to gain privileges via a Trojan horse 1 dwmapi.dll, 2 whiptkwt.7.12.601.dll, or 3 xamlwt.7.6.0.dll file in the current working directory, as demonstrated by a directory that contains a .dwf...
CVE-2008-4471
Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control AdView.dll 9.0.0.96, as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via ".." sequences in the argument to the SaveAS...
Directory traversal
Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control AdView.dll 9.0.0.96, as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via ".." sequences in the argument to the SaveAS...
CVE-2008-4472
The UpdateEngine class in the LiveUpdate ActiveX control LiveUpdate16.DLL 17.2.56, as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method...
Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit
!-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk Design Review 2009 which also comes with Revit dll settings both: RegK...
Autodesk DWF Viewer Control LiveUpdate Module - Remote Code Execution
Autodesk DWF Viewer Control LiveUpdate Module - Remote Code Execution !-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk...
Autodesk DWF Viewer Control / LiveUpdate Module - Remote Code Execution
!-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk Design Review 2009 which also comes with Revit dll settings both: RegK...