Vulnerability CVE-2005-4710


Published: 2005-12-31   Modified: 2012-02-12

Description:
Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329.

Vendor: Autodesk
Product: Inventor 
Version: 9; 10;
Product: Revit structure 
Version: 8.1; 6;
Product: Revit 
Version: 8; 7;
Product: 3ds max 
Version: 7;
Product: Autocad mechanical 
Version: 2006; 2005;
Product: Architectural desktop 
Version: 2006; 2005;
Product: Survey 
Version: 2006; 2005;
Product: Land desktop 
Version: 2006; 2005;
Product: Building systems 
Version: 2006; 2005;
Product: Autocad 
Version: 2006; 2005;
Product: VIZ 
Version: 2006;
Product: Map 3d 
Version: 2006; 2005;
Product: Autocad civil 3d 
Version: 2006; 2005;
Product: Raster design 
Version: 2006; 2005;
Product: Autocad electrical 
Version: 2006; 2005;
Product: Autocad lt 
Version: 2006; 2005;
Product: Utility design 
Version: 2005;
Product: Civil design 
Version: 2005;

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232
http://www.securityfocus.com/bid/16472
https://exchange.xforce.ibmcloud.com/vulnerabilities/24460

Related CVE
CVE-2019-7361
An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD E...
CVE-2019-7360
An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD M...
CVE-2019-7359
An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD M...
CVE-2019-7358
An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Me...
CVE-2016-9307
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files.
CVE-2016-9304
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DFX format files.
CVE-2016-9305
Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers.
CVE-2016-9306
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files.

Copyright 2019, cxsecurity.com

 

Back to Top