Vulnerabilites related to autodesk - fbx_software_development_kit
Vulnerability from fkie_nvd
Published
2017-01-25 19:59
Modified
2024-11-21 03:00
Severity ?
Summary
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DFX format files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B39E57BA-AAD4-4572-AF3F-3D57BB0D6BF2",
"versionEndIncluding": "2017.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DFX format files."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en el SDK de Autodesk FBX en versiones anteriores a 2017.1 pueden permitir a atacantes ejecutar c\u00f3digo arbitrario al leer o convertir archivos de formato DFX mal formados."
}
],
"id": "CVE-2016-9304",
"lastModified": "2024-11-21T03:00:56.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-25T19:59:00.203",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/95799"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95799"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-17 21:15
Modified
2025-02-06 17:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
An Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C560264-D3D4-450F-A933-0567181A3EDF",
"versionEndExcluding": "2020.3.4",
"versionStartIncluding": "2020.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Out-Of-Bounds Write Vulnerability in Autodesk\u00ae FBX\u00ae SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure."
}
],
"id": "CVE-2023-27909",
"lastModified": "2025-02-06T17:15:16.037",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-04-17T21:15:07.777",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-17 18:15
Modified
2024-11-21 05:36
Severity ?
Summary
A buffer overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitrary code execution on a system running it.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EADE790E-9DE7-441A-9140-44B9EE972DD1",
"versionEndIncluding": "2019.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitrary code execution on a system running it."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento del b\u00fafer en Autodesk FBX-SDK versiones 2019.0 y anteriores, puede conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario en un sistema que lo ejecute."
}
],
"id": "CVE-2020-7080",
"lastModified": "2024-11-21T05:36:37.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-17T18:15:11.947",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-17 18:15
Modified
2024-11-21 05:36
Severity ?
Summary
A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2 and earlier may lead to arbitrary code execution on a system running it.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF50DA5D-BB7B-45CD-AE2B-3D0E411B7ED2",
"versionEndIncluding": "2019.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2 and earlier may lead to arbitrary code execution on a system running it."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de pila (heap) en Autodesk FBX-SDK versiones 2019.2 y anteriores, puede conllevar a una ejecuci\u00f3n de c\u00f3digo arbitraria en un sistema que lo ejecute."
}
],
"id": "CVE-2020-7085",
"lastModified": "2024-11-21T05:36:37.973",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-17T18:15:12.213",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-14 17:15
Modified
2024-11-21 07:23
Severity ?
Summary
An Out-Of-Bounds Write Vulnerability in Autodesk FBX SDK 2020 version and prior may lead to code execution through maliciously crafted FBX files or information disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@autodesk.com | https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | 2020.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:2020.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8805EE28-F361-482B-81FC-4E31F2EDB85D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Out-Of-Bounds Write Vulnerability in Autodesk FBX SDK 2020 version and prior may lead to code execution through maliciously crafted FBX files or information disclosure."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escritura fuera de l\u00edmites en Autodesk FBX SDK versi\u00f3n 2020 y anteriores, puede conllevar a una ejecuci\u00f3n de c\u00f3digo a mediante archivos FBX dise\u00f1ados de forma maliciosa o una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2022-41304",
"lastModified": "2024-11-21T07:23:00.447",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-14T17:15:16.323",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-17 21:15
Modified
2025-02-06 16:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A user may be tricked into opening a malicious FBX file that may exploit a stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C560264-D3D4-450F-A933-0567181A3EDF",
"versionEndExcluding": "2020.3.4",
"versionStartIncluding": "2020.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A user may be tricked into opening a malicious FBX file that may exploit a stack buffer overflow vulnerability in Autodesk\u00ae FBX\u00ae SDK 2020 or prior which may lead to code execution."
}
],
"id": "CVE-2023-27910",
"lastModified": "2025-02-06T16:15:35.197",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-04-17T21:15:07.823",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-25 19:59
Modified
2024-11-21 03:00
Severity ?
Summary
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B39E57BA-AAD4-4572-AF3F-3D57BB0D6BF2",
"versionEndIncluding": "2017.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en el SDK de Autodesk FBX en versiones anteriores a 2017.1 pueden permitir a atacantes ejecutar c\u00f3digo arbitrario al leer o convertir archivos de formato 3DS mal formados."
}
],
"id": "CVE-2016-9307",
"lastModified": "2024-11-21T03:00:56.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-25T19:59:00.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/95802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95802"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-17 18:15
Modified
2024-11-21 05:36
Severity ?
Summary
A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EADE790E-9DE7-441A-9140-44B9EE972DD1",
"versionEndIncluding": "2019.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it."
},
{
"lang": "es",
"value": "Una vulnerabilidad de confusi\u00f3n de tipos en Autodesk FBX-SDK versiones 2019.0 y anteriores, puede conllevar a la lectura y escritura de c\u00f3digo arbitrario en el sistema que lo ejecuta."
}
],
"id": "CVE-2020-7081",
"lastModified": "2024-11-21T05:36:37.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-17T18:15:12.010",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-25 19:59
Modified
2024-11-21 03:00
Severity ?
Summary
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B39E57BA-AAD4-4572-AF3F-3D57BB0D6BF2",
"versionEndIncluding": "2017.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en el SDK de Autodesk FBX en versiones anteriores a 2017.1 pueden permitir a atacantes ejecutar c\u00f3digo arbitrario o provocar una condici\u00f3n de bucle infinito al leer o convertir archivos de formato FBX mal formados."
}
],
"id": "CVE-2016-9303",
"lastModified": "2024-11-21T03:00:56.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-25T19:59:00.140",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/95805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95805"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-12-03 18:15
Modified
2024-11-21 04:48
Severity ?
Summary
Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@autodesk.com | https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0003 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0003 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | 2019.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:2019.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1355BB0E-3424-447E-AA2A-F6CB57648EF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en Autodesk FBX Software Development Kit versi\u00f3n 2019.5. Un usuario puede ser enga\u00f1ado para abrir un archivo FBX malicioso que puede explotar una vulnerabilidad de desbordamiento de b\u00fafer causando que se ejecute un c\u00f3digo arbitrario en el sistema."
}
],
"id": "CVE-2019-7366",
"lastModified": "2024-11-21T04:48:06.603",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-03T18:15:10.500",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0003"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-17 18:15
Modified
2024-11-21 05:36
Severity ?
Summary
An intager overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EADE790E-9DE7-441A-9140-44B9EE972DD1",
"versionEndIncluding": "2019.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An intager overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de enteros en Autodesk FBX-SDK versiones 2019.0 y anteriores, puede conllevar a una denegaci\u00f3n de servicio de la aplicaci\u00f3n."
}
],
"id": "CVE-2020-7083",
"lastModified": "2024-11-21T05:36:37.763",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-17T18:15:12.117",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-25 19:59
Modified
2024-11-21 03:00
Severity ?
Summary
Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B39E57BA-AAD4-4572-AF3F-3D57BB0D6BF2",
"versionEndIncluding": "2017.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers."
},
{
"lang": "es",
"value": "Manipulaci\u00f3n incorrecta en el SDK de Autodesk FBX en versiones anteriores a 2017.1 de desajustes de tipo y objetos eliminados anteriormente relacionados con la lectura y conversi\u00f3n de archivos de formato FBX mal formados pueden permitir a atacantes obtener acceso a punteros no inicializados."
}
],
"id": "CVE-2016-9305",
"lastModified": "2024-11-21T03:00:56.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-25T19:59:00.250",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/95803"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95803"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-14 17:15
Modified
2024-11-21 07:23
Severity ?
Summary
A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@autodesk.com | https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | 2020.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:2020.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8805EE28-F361-482B-81FC-4E31F2EDB85D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system."
},
{
"lang": "es",
"value": "Un usuario puede ser enga\u00f1ado para abrir un archivo FBX malicioso que puede explotar una vulnerabilidad de uso de memoria previamente liberada en Autodesk FBX SDK versi\u00f3n 2020 causando que la aplicaci\u00f3n haga referencia a una ubicaci\u00f3n de memoria controlada por un tercero no autorizado, ejecutando as\u00ed c\u00f3digo arbitrario en el sistema"
}
],
"id": "CVE-2022-41303",
"lastModified": "2024-11-21T07:23:00.340",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-14T17:15:16.203",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-25 19:59
Modified
2024-11-21 03:00
Severity ?
Summary
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B39E57BA-AAD4-4572-AF3F-3D57BB0D6BF2",
"versionEndIncluding": "2017.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en el SDK de Autodesk FBX en versiones anteriores a 2017.1 pueden permitir a atacantes ejecutar c\u00f3digo arbitrario al leer o convertir archivos de formato DAE mal formados."
}
],
"id": "CVE-2016-9306",
"lastModified": "2024-11-21T03:00:56.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-25T19:59:00.283",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/95807"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95807"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-17 21:15
Modified
2025-02-06 16:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C560264-D3D4-450F-A933-0567181A3EDF",
"versionEndExcluding": "2020.3.4",
"versionStartIncluding": "2020.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk\u00ae FBX\u00ae SDK 2020 or prior which may lead to code execution."
}
],
"id": "CVE-2023-27911",
"lastModified": "2025-02-06T16:15:35.373",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-04-17T21:15:07.870",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-17 18:15
Modified
2024-11-21 05:36
Severity ?
Summary
A NULL pointer dereference vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EADE790E-9DE7-441A-9140-44B9EE972DD1",
"versionEndIncluding": "2019.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento del puntero NULL en Autodesk FBX-SDK versiones 2019.0 y anteriores, puede conllevar a una denegaci\u00f3n de servicio de la aplicaci\u00f3n."
}
],
"id": "CVE-2020-7084",
"lastModified": "2024-11-21T05:36:37.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-17T18:15:12.167",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-14 17:15
Modified
2024-11-21 07:23
Severity ?
Summary
An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure through maliciously crafted FBX files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@autodesk.com | https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | 2020.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:2020.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8805EE28-F361-482B-81FC-4E31F2EDB85D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure through maliciously crafted FBX files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
},
{
"lang": "es",
"value": "Una vulnerabilidad de lectura fuera de l\u00edmites en Autodesk FBX SDK versi\u00f3n 2020. y anteriores puede conllevar a una ejecuci\u00f3n de c\u00f3digo o una divulgaci\u00f3n de informaci\u00f3n mediante archivos FBX dise\u00f1ados de forma maliciosa. Esta vulnerabilidad, junto con otras, podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo en el contexto del proceso actual"
}
],
"id": "CVE-2022-41302",
"lastModified": "2024-11-21T07:23:00.227",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-14T17:15:16.100",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-17 18:15
Modified
2024-11-21 05:36
Severity ?
Summary
A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to code execution on a system running it.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | fbx_software_development_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:fbx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EADE790E-9DE7-441A-9140-44B9EE972DD1",
"versionEndIncluding": "2019.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to code execution on a system running it."
},
{
"lang": "es",
"value": "Una vulnerabilidad de uso de la memoria previamente liberada en Autodesk FBX-SDK versiones 2019.0 y anteriores, puede conllevar a una ejecuci\u00f3n de c\u00f3digo en un sistema que lo ejecute."
}
],
"id": "CVE-2020-7082",
"lastModified": "2024-11-21T05:36:37.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-17T18:15:12.057",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2016-9303
Vulnerability from cvelistv5
Published
2017-01-25 19:00
Modified
2024-08-06 02:50
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/95805 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:36.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"name": "95805",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95805"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-27T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"name": "95805",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95805"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01",
"refsource": "CONFIRM",
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"name": "95805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95805"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9303",
"datePublished": "2017-01-25T19:00:00",
"dateReserved": "2016-11-14T00:00:00",
"dateUpdated": "2024-08-06T02:50:36.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-27910
Vulnerability from cvelistv5
Published
2023-04-17 00:00
Modified
2025-02-06 15:44
Severity ?
EPSS score ?
Summary
A user may be tricked into opening a malicious FBX file that may exploit a stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk FBX SDK |
Version: 2020 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27910",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T15:43:22.504093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T15:44:29.546Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk FBX SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2020"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A user may be tricked into opening a malicious FBX file that may exploit a stack buffer overflow vulnerability in Autodesk\u00ae FBX\u00ae SDK 2020 or prior which may lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stack Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T00:00:00.000Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-27910",
"datePublished": "2023-04-17T00:00:00.000Z",
"dateReserved": "2023-03-07T00:00:00.000Z",
"dateUpdated": "2025-02-06T15:44:29.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7081
Vulnerability from cvelistv5
Published
2020-04-17 17:52
Modified
2024-08-04 09:18
Severity ?
EPSS score ?
Summary
A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk FBX-SDK |
Version: 2019.0 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:03.075Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk FBX-SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2019.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Type confusion vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-17T17:52:36",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2020-7081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk FBX-SDK",
"version": {
"version_data": [
{
"version_value": "2019.0 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Type confusion vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2020-7081",
"datePublished": "2020-04-17T17:52:36",
"dateReserved": "2020-01-15T00:00:00",
"dateUpdated": "2024-08-04T09:18:03.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7366
Vulnerability from cvelistv5
Published
2019-12-03 17:09
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0003 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk FBX Software Development Kit |
Version: 2019.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.173Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0003"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk FBX Software Development Kit",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2019.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-03T17:09:14",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0003"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2019-7366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk FBX Software Development Kit",
"version": {
"version_data": [
{
"version_value": "2019.5"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0003",
"refsource": "CONFIRM",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0003"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2019-7366",
"datePublished": "2019-12-03T17:09:14",
"dateReserved": "2019-02-04T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.173Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-41302
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure through maliciously crafted FBX files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:42:44.902Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FBX SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2020.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure through maliciously crafted FBX files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-Of-Bounds Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-14T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2022-41302",
"datePublished": "2022-10-14T00:00:00",
"dateReserved": "2022-09-21T00:00:00",
"dateUpdated": "2024-08-03T12:42:44.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7083
Vulnerability from cvelistv5
Published
2020-04-17 17:53
Modified
2024-08-04 09:18
Severity ?
EPSS score ?
Summary
An intager overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk FBX-SDK |
Version: 2019.0 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:03.027Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk FBX-SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2019.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An intager overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-17T17:53:07",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2020-7083",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk FBX-SDK",
"version": {
"version_data": [
{
"version_value": "2019.0 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An intager overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2020-7083",
"datePublished": "2020-04-17T17:53:07",
"dateReserved": "2020-01-15T00:00:00",
"dateUpdated": "2024-08-04T09:18:03.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-27909
Vulnerability from cvelistv5
Published
2023-04-17 00:00
Modified
2025-02-06 16:13
Severity ?
EPSS score ?
Summary
An Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk FBX SDK |
Version: 2020 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:29.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27909",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T16:12:42.672922Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T16:13:15.690Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk FBX SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2020"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Out-Of-Bounds Write Vulnerability in Autodesk\u00ae FBX\u00ae SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bound Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T00:00:00.000Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-27909",
"datePublished": "2023-04-17T00:00:00.000Z",
"dateReserved": "2023-03-07T00:00:00.000Z",
"dateUpdated": "2025-02-06T16:13:15.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-9305
Vulnerability from cvelistv5
Published
2017-01-25 19:00
Modified
2024-08-06 02:50
Severity ?
EPSS score ?
Summary
Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/95803 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:36.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"name": "95803",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95803"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-27T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"name": "95803",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95803"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9305",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01",
"refsource": "CONFIRM",
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"name": "95803",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95803"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9305",
"datePublished": "2017-01-25T19:00:00",
"dateReserved": "2016-11-14T00:00:00",
"dateUpdated": "2024-08-06T02:50:36.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7084
Vulnerability from cvelistv5
Published
2020-04-17 17:53
Modified
2024-08-04 09:18
Severity ?
EPSS score ?
Summary
A NULL pointer dereference vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk FBX-SDK |
Version: 2019.0 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk FBX-SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2019.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NULL pointer dereference vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-17T17:53:26",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2020-7084",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk FBX-SDK",
"version": {
"version_data": [
{
"version_value": "2019.0 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A NULL pointer dereference vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL pointer dereference vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2020-7084",
"datePublished": "2020-04-17T17:53:26",
"dateReserved": "2020-01-15T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-41303
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:42:44.708Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FBX SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2020.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-Of-Bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-14T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2022-41303",
"datePublished": "2022-10-14T00:00:00",
"dateReserved": "2022-09-21T00:00:00",
"dateUpdated": "2024-08-03T12:42:44.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-9306
Vulnerability from cvelistv5
Published
2017-01-25 19:00
Modified
2024-08-06 02:50
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/95807 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:36.750Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"name": "95807",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95807"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-27T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"name": "95807",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95807"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01",
"refsource": "CONFIRM",
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"name": "95807",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95807"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9306",
"datePublished": "2017-01-25T19:00:00",
"dateReserved": "2016-11-14T00:00:00",
"dateUpdated": "2024-08-06T02:50:36.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-27911
Vulnerability from cvelistv5
Published
2023-04-17 00:00
Modified
2025-02-06 15:33
Severity ?
EPSS score ?
Summary
A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk FBX SDK |
Version: 2020 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T15:33:29.717160Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T15:33:38.280Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk FBX SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2020"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk\u00ae FBX\u00ae SDK 2020 or prior which may lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T00:00:00.000Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-27911",
"datePublished": "2023-04-17T00:00:00.000Z",
"dateReserved": "2023-03-07T00:00:00.000Z",
"dateUpdated": "2025-02-06T15:33:38.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-9304
Vulnerability from cvelistv5
Published
2017-01-25 19:00
Modified
2024-08-06 02:50
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DFX format files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/95799 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:36.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"name": "95799",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95799"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DFX format files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-27T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"name": "95799",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95799"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9304",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DFX format files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01",
"refsource": "CONFIRM",
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
},
{
"name": "95799",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95799"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9304",
"datePublished": "2017-01-25T19:00:00",
"dateReserved": "2016-11-14T00:00:00",
"dateUpdated": "2024-08-06T02:50:36.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7082
Vulnerability from cvelistv5
Published
2020-04-17 17:52
Modified
2024-08-04 09:18
Severity ?
EPSS score ?
Summary
A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to code execution on a system running it.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk FBX-SDK |
Version: 2019.0 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:03.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk FBX-SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2019.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to code execution on a system running it."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-After-Free vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-17T17:52:49",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2020-7082",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk FBX-SDK",
"version": {
"version_data": [
{
"version_value": "2019.0 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to code execution on a system running it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-After-Free vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2020-7082",
"datePublished": "2020-04-17T17:52:49",
"dateReserved": "2020-01-15T00:00:00",
"dateUpdated": "2024-08-04T09:18:03.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-41304
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
An Out-Of-Bounds Write Vulnerability in Autodesk FBX SDK 2020 version and prior may lead to code execution through maliciously crafted FBX files or information disclosure.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:42:44.906Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FBX SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2020.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Out-Of-Bounds Write Vulnerability in Autodesk FBX SDK 2020 version and prior may lead to code execution through maliciously crafted FBX files or information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-After-Free ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-14T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2022-41304",
"datePublished": "2022-10-14T00:00:00",
"dateReserved": "2022-09-21T00:00:00",
"dateUpdated": "2024-08-03T12:42:44.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7080
Vulnerability from cvelistv5
Published
2020-04-17 17:52
Modified
2024-08-04 09:18
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitrary code execution on a system running it.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk FBX-SDK |
Version: 2019.0 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:03.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk FBX-SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2019.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitrary code execution on a system running it."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-17T17:52:17",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2020-7080",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk FBX-SDK",
"version": {
"version_data": [
{
"version_value": "2019.0 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitrary code execution on a system running it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2020-7080",
"datePublished": "2020-04-17T17:52:17",
"dateReserved": "2020-01-15T00:00:00",
"dateUpdated": "2024-08-04T09:18:03.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-9307
Vulnerability from cvelistv5
Published
2017-01-25 19:00
Modified
2024-08-06 02:50
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/95802 | vdb-entry, x_refsource_BID | |
| http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:36.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95802",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95802"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-27T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "95802",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95802"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95802",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95802"
},
{
"name": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01",
"refsource": "CONFIRM",
"url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9307",
"datePublished": "2017-01-25T19:00:00",
"dateReserved": "2016-11-14T00:00:00",
"dateUpdated": "2024-08-06T02:50:36.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7085
Vulnerability from cvelistv5
Published
2020-04-17 17:53
Modified
2024-08-04 09:18
Severity ?
EPSS score ?
Summary
A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2 and earlier may lead to arbitrary code execution on a system running it.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk FBX-SDK |
Version: 2019.2 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:03.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk FBX-SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2019.2 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2 and earlier may lead to arbitrary code execution on a system running it."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-17T17:53:49",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2020-7085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk FBX-SDK",
"version": {
"version_data": [
{
"version_value": "2019.2 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2 and earlier may lead to arbitrary code execution on a system running it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2020-7085",
"datePublished": "2020-04-17T17:53:49",
"dateReserved": "2020-01-15T00:00:00",
"dateUpdated": "2024-08-04T09:18:03.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}