CVE-2024-23136

A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk AutoCAD can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

CVSS

No CVSS.

References

Link	Resource
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004

Configurations

No configuration.

History

18 Mar 2024, 00:15

Type	Values Removed	Values Added
References		() https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004 -
Summary	(en) A maliciously crafted STP file when ASMKERN228A.dll parsed through Autodesk AutoCAD can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.	(en) A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk AutoCAD can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

22 Feb 2024, 19:07

Type	Values Removed	Values Added
Summary		(es) Un archivo STP creado con fines malintencionados cuando ASMKERN228A.dll se analiza mediante Autodesk AutoCAD se puede utilizar para eliminar la referencia a un puntero que no es de confianza. Esta vulnerabilidad, junto con otras vulnerabilidades, podría provocar la ejecución de código en el proceso actual.

22 Feb 2024, 05:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-02-22 05:15

Updated : 2024-03-18 00:15

NVD link : CVE-2024-23136

Mitre link : CVE-2024-23136

CVE.ORG link : CVE-2024-23136

JSON object : View

Products Affected

No product.

CWE

CWE-822

Untrusted Pointer Dereference

JSON object

Attach tags to CVE-2024-23136

Attach tags to `CVE-2024-23136`