CVE-2024-7675
published 2024-09-30CVE-2024-7675: A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| autodesk | navisworks | — | — |
| autodesk | navisworks | — | — |
| autodesk | navisworks | — | — |
| autodesk | navisworks_freedom | — | — |
| autodesk | navisworks_freedom | — | — |
| autodesk | navisworks_freedom | — | — |
| autodesk | navisworks_freedom | — | — |
| autodesk | navisworks_manage | — | — |
| autodesk | navisworks_manage | — | — |
| autodesk | navisworks_manage | — | — |
| autodesk | navisworks_manage | — | — |
| autodesk | navisworks_simulate | — | — |
| autodesk | navisworks_simulate | — | — |
| autodesk | navisworks_simulate | — | — |
| autodesk | navisworks_simulate | — | — |