A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
24 Oct 2022, 13:32
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004 - Patch, Vendor Advisory | |
First Time |
Autodesk
Autodesk autocad Architecture Autodesk autocad Civil 3d Autodesk autocad Map 3d Autodesk autocad Advance Steel Autodesk autocad Autodesk autocad Lt Autodesk autocad Electrical Autodesk design Review Autodesk autocad Mechanical Autodesk autocad Mep Autodesk autocad Plant 3d |
|
CWE | CWE-787 | |
CPE | cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2020:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2019:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2020:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:2020:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:2021:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2020:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:2019:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:2020:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2019:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2020:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:2020:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:autocad_civil_3d:2020:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:2019:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2019:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:2020:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:2019:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:2019:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2019:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2019:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:autocad_map_3d:2019:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2020:*:*:*:*:*:*:* |
21 Oct 2022, 16:48
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-21 16:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-42937
Mitre link : CVE-2022-42937
CVE.ORG link : CVE-2022-42937
JSON object : View
Products Affected
autodesk
- autocad_electrical
- autocad_architecture
- autocad_civil_3d
- design_review
- autocad_map_3d
- autocad_plant_3d
- autocad_advance_steel
- autocad_mechanical
- autocad
- autocad_lt
- autocad_mep
CWE
CWE-787
Out-of-bounds Write