Vulnerability CVE-2005-4710


Published: 2005-12-31   Modified: 2012-02-12

Description:
Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329.

Vendor: Autodesk
Product: Inventor 
Version: 9; 10;
Product: Revit structure 
Version: 8.1; 6;
Product: Revit 
Version: 8; 7;
Product: 3ds max 
Version: 7;
Product: Autocad mechanical 
Version: 2006; 2005;
Product: Architectural desktop 
Version: 2006; 2005;
Product: Survey 
Version: 2006; 2005;
Product: Land desktop 
Version: 2006; 2005;
Product: Building systems 
Version: 2006; 2005;
Product: Autocad 
Version: 2006; 2005;
Product: VIZ 
Version: 2006;
Product: Map 3d 
Version: 2006; 2005;
Product: Autocad civil 3d 
Version: 2006; 2005;
Product: Raster design 
Version: 2006; 2005;
Product: Autocad electrical 
Version: 2006; 2005;
Product: Autocad lt 
Version: 2006; 2005;
Product: Utility design 
Version: 2005;
Product: Civil design 
Version: 2005;

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232
http://www.securityfocus.com/bid/16472
https://exchange.xforce.ibmcloud.com/vulnerabilities/24460

Related CVE
CVE-2019-7364
DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 201...
CVE-2019-7363
Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerability, which may result in code execution.
CVE-2019-7362
DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerability, which may result in code execution.
CVE-2019-7361
An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD E...
CVE-2019-7360
An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD M...
CVE-2019-7359
An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD M...
CVE-2019-7358
An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Me...
CVE-2016-9307
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files.

Copyright 2019, cxsecurity.com

 

Back to Top