1. CVE-Search
  2. CVE-2019-7359
ID CVE-2019-7359
Summary An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution.
References
Vulnerable Configurations
  • cpe:2.3:a:autodesk:advance_steel:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:advance_steel:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_architecture:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_architecture:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_electrical:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_electrical:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_lt:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_lt:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_map_3d:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_map_3d:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_mechanical:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_mechanical:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_mep:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_mep:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_p\&id:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_p\&id:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_plant_3d:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_plant_3d:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:civil_3d:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:civil_3d:2018:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
misc https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001
Last major update 24-08-2020 - 17:37
Published 09-04-2019 - 20:30
Last modified 24-08-2020 - 17:37
Back to Top