CVE-2023-25005
published 2023-05-12CVE-2023-25005: A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| autodesk | infraworks | — | — |
| autodesk | infraworks | — | — |
| autodesk | infraworks | >= 2021.0 < 2021.2 | 2021.2 |
| autodesk | infraworks | >= 2023.0 < 2023.1 | 2023.1 |