Autodesk Autocad vulnerabilities

CVE-2021-27040 [LOW] CWE-125 CVE-2021-27040: A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DW A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. This vulnerability can be exploited to execute arbitrary code.

CVE-2019-7364 [HIGH] CWE-427 CVE-2019-7364: DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civi DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL

CVE-2019-7361 [HIGH] CWE-502 CVE-2019-7361: An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018,

CVE-2019-7360 [HIGH] CWE-416 CVE-2019-7360: An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Ste An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Au

CVE-2019-7359 [HIGH] CWE-787 CVE-2019-7359: An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Ste An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Au

CVE-2019-7358 [HIGH] CWE-787 CVE-2019-7358: An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Stee An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Aut

CVE-2014-0818 [HIGH] CWE-94 CVE-2014-0818: Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privi Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges and execute arbitrary VBScript code via a Trojan horse FAS file in the FAS file search path.

CVE-2014-0819 [MEDIUM] CWE-20 CVE-2014-0819: Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privi Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

CVE-2013-3665 [MEDIUM] CVE-2013-3665: Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueVie Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file.

CVE-2010-5241 [MEDIUM] CVE-2010-5241: Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain pr Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) IBFS32.DLL file in the current working directory, as demonstrated by a directory that contains a .dwg file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party i

CVE-2005-4710 [MEDIUM] CVE-2005-4710: Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 a Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329.