19 matches found
CVE-2024-23158
A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...
The vulnerability of the file conversion tools between different formats—PS/IGES Parasolid Translator and the simulation modeling application Simcenter Femap—allows a perpetrator to execute arbitrary code.
The vulnerability of the file conversion tools between different formats, such as PS/IGES Parasolid Translator and the simulation application Simcenter Femap, is related to reading data beyond the acceptable range in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary...
CVE-2024-23158
A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...
CVE-2024-23158
A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...
CVE-2024-23158 Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...
CVE-2024-23158 Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...
CVE-2024-23158
Autodesk AutoCAD and related AutoCAD-based applications are affected by CVE-2024-23158 due to a use-after-free in the IGES file parsing path (ASMImport229A.dll) when handling a malicious IGES file. The issue allows a crafted file to crash the process or execute arbitrary code in the context of th...
Autodesk AutoCAD Resource Management Error Vulnerability
Autodesk AutoCAD is a suite of professional 3D drawing software from Autodesk, Inc. A security vulnerability exists in Autodesk AutoCAD version 2024.1.5, which originates when the Autodesk application parses a maliciously crafted IGES file in ASMImport229A.dll, and can be used to cause a...
PT-2024-3682 · Siemens · Simcenter Femap
Name of the Vulnerable Software and Affected Versions: Simcenter Femap versions prior to V2406 Description: A vulnerability has been identified that allows an attacker to execute code in the context of the current process by exploiting an out of bounds read past the end of an allocated structure...
Autodesk AutoCAD IGES File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IG...
SAP 3D Visual Enterprise Author IGES File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
SAP 3D Visual Enterprise Author IGES File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
SAP 3D Visual Enterprise Author IGES File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
SAP 3D Visual Enterprise Author IGES File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
SAP 3D Visual Enterprise Author IGES File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
CVE-2022-41178
Due to lack of proper memory management, when a victim opens manipulated Iges Part and Assembly .igs, .iges, CoreCadTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable t...
CVE-2022-41178
Due to lack of proper memory management, when a victim opens manipulated Iges Part and Assembly .igs, .iges, CoreCadTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable t...
CVE-2022-41177
Due to lack of proper memory management, when a victim opens a manipulated Iges Part and Assembly .igs, .iges, CoreCadTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload force...
CVE-2022-41178
Due to lack of proper memory management, when a victim opens manipulated Iges Part and Assembly .igs, .iges, CoreCadTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable t...