Detections
Analytics
Autodesk AutoCAD DWG Buffer Overflow
medium Nessus Plugin ID 73292
Language:
Synopsis
An application on the remote host is affected by a buffer overflow vulnerability.Description
The remote host has a version of Autodesk AutoCAD installed that is potentially affected by an error related to handling DWG files that could lead to buffer overflows and possibly arbitrary code execution.Solution
Apply the patch provided by the vendor. Note that :- AutoCAD 2011 Service Pack 2 is a pre-requisite to apply the patch.
- AutoCAD 2012 Service Pack 2 is a pre-requisite to apply the patch.
- AutoCAD 2013 Service Pack 2 is a pre-requisite to apply the patch.
- AutoCAD 2014 Service Pack 1 contains the patch.
See Also
https://vulners.com/binamuse/BINAMUSE:F12A08815586EE7A519144C52DC893AF
Plugin Details
Severity: Medium
ID: 73292
File Name: autocad_dwg_overflow.nasl
Version: 1.5
Type: local
Agent: windows
Family: Windows
Published: 4/1/2014
Updated: 12/2/2022
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.4
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2013-3665
CVSS v3
Risk Factor: Medium
Base Score: 6.3
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Information
CPE: cpe:/a:autodesk:autocad, cpe:/a:autodesk:autocad_architecture, cpe:/a:autodesk:autocad_civil_3d, cpe:/a:autodesk:autocad_ecscad, cpe:/a:autodesk:autocad_electrical, cpe:/a:autodesk:autocad_lt, cpe:/a:autodesk:autocad_map_3d, cpe:/a:autodesk:autocad_mechanical, cpe:/a:autodesk:autocad_mep, cpe:/a:autodesk:autocad_p%26id, cpe:/a:autodesk:autocad_plant_3d, cpe:/a:autodesk:autocad_structural_detailing, cpe:/a:autodesk:autocad_utility_design
Required KB Items: SMB/Registry/Enumerated, installed_sw/Autodesk AutoCAD
Exploit Ease: No known exploits are available
Patch Publication Date: 7/10/2013
Vulnerability Publication Date: 6/27/2013
Reference Information
CVE: CVE-2013-3665