23 matches found
CVE-2022-25793
CVE-2022-25793 describes a stack-based buffer overflow in Autodesk 3ds Max 2020–2022 during parsing of ABC/ActionScript Byte Code files. The overflow occurs when copying length-validated user data into a fixed-length stack buffer, potentially allowing arbitrary code execution. Documents vary on e...
CVE-2022-27871
CVE-2022-27871 affects Autodesk AutoCAD product suite, Revit, Design Review and Navisworks when using PDFTron prior to 9.1.17. The root cause is a boundary error while parsing PDF files, which can allow writing beyond the allocated buffer. This may enable arbitrary code execution on the affected ...
CVE-2022-27531
CVE-2022-27531 affects Autodesk 3ds Max 2022 and 2021, where a maliciously crafted TIFF file can cause a read beyond allocated boundaries during TIFF parsing. This can allow code execution within the current process. The linked records consistently describe the issue as a boundary-read vulnerabil...
CVE-2023-25002
CVE-2023-25002 concerns a use-after-free vulnerability triggered by a malicious SKP file in Autodesk products. Affected software is Autodesk products that process SKP files (e.g., Autodesk 3ds Max, Navisworks, SKP-related components) per multiple sources in the Connected set. Root cause is a use-...
CVE-2022-27532
Autodesk 3ds Max 2022 and 2021 are affected by CVE-2022-27532, where a maliciously crafted TIF file can cause a write past the end of an allocated buffer while parsing TIF images. This use-after-free-like buffer overrun could enable arbitrary code execution, as described across multiple sources (...
CVE-2005-4710
Technical details for CVE-2005-4710 are not publicly available in the provided documents. Monitor for updates from official sources; no specific affected products, vulnerable components, exploits, or fixes are disclosed here.
CVE-2009-3577
Autodesk 3DS Max applications (versions 6–9 and 2008–2010) are affected by a vulnerability in MaxScript application callbacks that allows remote code execution when a crafted .max file embeds a MAXScript statement invoking DOSCommand. Root cause: unsanitized data binding of MaxScript to callbacks...
CVE-2026-7451
CVE-2026-7451 : A maliciously crafted TIF file, when parsed by Autodesk 3ds Max , can trigger an Out-of-Bounds Write in the process. The vulnerability may allow a malicious actor to cause a crash, data corruption, or execute arbitrary code in the context of the current process. Connected sources ...
CVE-2026-7452
The CVE-2026-7452 entry concerns a memory corruption flaw triggered by parsing a malicious WRL file in Autodesk 3ds Max, enabling arbitrary code execution in the context of the affected process. The affected component is the WRL file parser within 3ds Max; the root cause is memory corruption duri...
CVE-2025-6633
CVE-2025-6633 affects Autodesk 3ds Max via parsing a maliciously crafted RGB file, triggering an Out-of-Bounds Write. The vulnerability can cause a crash, data corruption, or arbitrary code execution within the current process. Documents consistently describe the affected component as Autodesk 3d...
CVE-2026-7450
CVE-2026-7450 : A malicious PAR file parsed by Autodesk 3ds Max can trigger a NULL pointer dereference in the PAR file parser, leading to application crash and a potential denial-of-service condition. Affected software: Autodesk 3ds Max (PAR parsing path). Root cause: NULL pointer dereference. CV...
CVE-2025-11797
The CVE-2025-11797 entry affects Autodesk 3ds Max, where parsing a specially crafted DWG file can trigger a Use-After-Free in the DWG parser. Impact is a crash, potential exposure of sensitive data, or arbitrary code execution in the current process context. Affected component: DWG parsing within...
CVE-2025-6634
CVE-2025-6634 concerns a memory corruption vulnerability in Autodesk 3ds Max triggered by a maliciously crafted TGA file. The connected documents consistently indicate the issue arises from TGA parsing within 3ds Max and can allow arbitrary code execution in the context of the current process. Af...
CVE-2025-6632
CVE-2025-6632 corresponds to a vulnerability in Autodesk 3ds Max where a specially crafted PSD file can trigger an Out-of-Bounds Read in the PSD parsing path. Affected component: Autodesk 3ds Max (PSD file handling). Impact statements from the sources indicate potential crash, exposure of sensiti...
CVE-2026-0536
The CVE-2026-0536 issue affects Autodesk 3ds Max (prior to 2026.3.2). A malicious GIF can trigger a Stack-Based Buffer Overflow in the GIF parser, enabling arbitrary code execution in the current process. Public details specify the affected version range and root cause as parsing a crafted GIF; u...
CVE-2026-7453
CVE-2026-7453 : A memory exhaustion issue occurs when parsing a malicious WRL file in Autodesk 3ds Max, causing a stack exhaustion and denial-of-service. The NVD entry confirms the description and lists a CVSSv3.1 base score of 5.3 (Medium) with local attack vector, low complexity, no privileges,...
CVE-2026-7454
CVE-2026-7454 affects Autodesk 3ds Max when parsing a malicious WRL file, leading to a memory corruption that allows arbitrary code execution in the current process. The vulnerability is triggered by parsing a crafted WRL file; the CVSS v3.1 metrics indicate local attack vector, required user int...
CVE-2026-0537
CVE-2026-0537 describes a memory corruption vulnerability in Autodesk 3ds Max triggered by parsing a malicious RGB file, potentially allowing arbitrary code execution in the affected process. Connected documents identify this as part of a set of issues for 3ds Max
CVE-2026-0661
CVE-2026-0661 is described across multiple sources as an issue in Autodesk 3ds Max where parsing a malicious RGB file can cause a memory corruption/Out-of-Bounds Write vulnerability, enabling arbitrary code execution in the context of the current process. The affected software is Autodesk 3ds Max...
CVE-2026-0538
Autodesk 3ds Max is affected by CVE-2026-0538. A maliciously crafted GIF file, when parsed by 3ds Max, can trigger an Out-of-Bounds Write that allows code execution in the process context. The primary sources describe a local vulnerability with no user interaction required per the NVD metrics (LO...
CVE-2026-0660
CVE-2026-0660 describes a vulnerability where a malicious GIF file, parsed by Autodesk 3ds Max, can trigger a Stack-Based Buffer Overflow, allowing arbitrary code execution in the context of the current process. Affected product: Autodesk 3ds Max (explicitly noted in connected Nessus/Red Hat/CVE ...
CVE-2026-0662
CVE-2026-0662 : Autodesk 3ds Max is affected by an Untrusted Search Path vulnerability when opening a max file from a malicious project directory, potentially allowing arbitrary code execution in the current process. The description specifies this is tied to the search path trust issue, with the ...
CVE-2025-11795
CVE-2025-11795 describes an Out-of-Bounds Write in Autodesk 3ds Max when parsing a malicious JPG file, allowing arbitrary code execution in the current process. Affected software is Autodesk 3ds Max; the issue is triggered by crafted JPG parsing and is tied to a memory write outside bounds. CVSS ...