Autodesk: >> Navisworks Security Vulnerabilities
A Double Free vulnerability allows remote malicious actors to execute arbitrary code on DWF file in Autodesk Navisworks 2022 within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
CVSS Score
7.8
EPSS Score
0.004
Published
2022-04-11
PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.004
Published
2021-12-23
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-12-23
A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.004
Published
2021-09-15
A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.004
Published
2021-09-15
A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.004
Published
2021-09-15
A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-09-15
Page 5