1. CVE-Search
  2. CVE-2019-7360
ID CVE-2019-7360
Summary An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution.
References
Vulnerable Configurations
  • cpe:2.3:a:autodesk:advance_steel:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:advance_steel:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_architecture:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_architecture:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_electrical:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_electrical:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_lt:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_lt:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_map_3d:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_map_3d:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_mechanical:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_mechanical:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_mep:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_mep:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_p\&id:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_p\&id:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:autocad_plant_3d:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad_plant_3d:2018:*:*:*:*:*:*:*
  • cpe:2.3:a:autodesk:civil_3d:2018:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:civil_3d:2018:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 13-05-2019 - 17:29)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
misc https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001
Last major update 13-05-2019 - 17:29
Published 09-04-2019 - 20:30
Last modified 13-05-2019 - 17:29
Back to Top