A buffer over-read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| autodesk | dwg_trueview | 2019 - 2019.1.4 | - |
| autodesk | dwg_trueview | 2020 - 2020.1.5 | - |
| autodesk | dwg_trueview |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
4
Affected Products
2
References
autodesk / dwg_trueview
| 2021 - 2021.1.2 |
| - |
| autodesk | dwg_trueview | 2022 - 2022.1.2 | - |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Exploitability
Impact