A maliciously crafted X_B file when parsed through Autodesk Maya 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020 | Vendor Advisory |
Configurations
History
17 Apr 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A maliciously crafted X_B file when parsed through Autodesk Maya 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution. |
28 Dec 2022, 20:06
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
First Time |
Autodesk
Autodesk maya |
|
CPE | cpe:2.3:a:autodesk:maya:2023:*:*:*:*:*:*:* |
19 Dec 2022, 16:52
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-19 16:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-42947
Mitre link : CVE-2022-42947
CVE.ORG link : CVE-2022-42947
JSON object : View
Products Affected
autodesk
- maya
CWE
CWE-787
Out-of-bounds Write