Search Results

There are 25 CVE entries that match your search.
Name Description
CVE-2016-9307 Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files.
CVE-2016-9306 Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files.
CVE-2016-9305 Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers.
CVE-2016-9304 Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DFX format files.
CVE-2016-9303 Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files.
CVE-2016-2344 Stack-based buffer overflow in manager.exe in Backburner Manager in Autodesk Backburner 2016 2016.0.0.2150 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted command. NOTE: this is only a vulnerability in environments in which the administrator has not followed documentation that outlines the security risks of operating Backburner on untrusted networks.
CVE-2015-8572 Multiple buffer overflows in Autodesk Design Review (ADR) before 2013 Hotfix 2 allow remote attackers to execute arbitrary code via crafted RLE data in a (1) BMP or (2) FLI file, (3) encoded scan lines in a PCX file, or (4) DataSubBlock or (5) GlobalColorTable in a GIF file.
CVE-2015-8571 Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 allows remote attackers to execute arbitrary code via a crafted biClrUsed value in a BMP file, which triggers a buffer overflow.
CVE-2014-9268 The AdView.AdViewer.1 ActiveX control in Autodesk Design Review (ADR) before 2013 Hotfix 1 allows remote attackers to execute arbitrary code via a crafted DWF file.
CVE-2014-3939 Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer bitmap data in a PXD file.
CVE-2014-3938 Integer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer mask data in a PSD file, which triggers a heap-based buffer overflow.
CVE-2014-2967 Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server.
CVE-2014-0819 Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
CVE-2014-0818 Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges and execute arbitrary VBScript code via a Trojan horse FAS file in the FAS file search path.
CVE-2013-5365 Heap-based buffer overflow in Autodesk SketchBook for Enterprise 2014, Pro, and Express before 6.25, and Copic Edition before 2.0.2 allows remote attackers to execute arbitrary code via RLE-compressed channel data in a PSD file.
CVE-2013-3665 Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file.
CVE-2010-5241 Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) IBFS32.DLL file in the current working directory, as demonstrated by a directory that contains a .dwg file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-5226 Multiple untrusted search path vulnerabilities in Autodesk Design Review 2011 11.0.0.86 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll, (2) whiptk_wt.7.12.601.dll, or (3) xaml_wt.7.6.0.dll file in the current working directory, as demonstrated by a directory that contains a .dwf file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-3578 Autodesk Maya 8.0, 8.5, 2008, 2009, and 2010 and Alias Wavefront Maya 6.5 and 7.0 allow remote attackers to execute arbitrary code via a (1) .ma or (2) .mb file that uses the Maya Embedded Language (MEL) python command or unspecified other MEL commands, related to "Script Nodes."
CVE-2009-3577 Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 allows remote attackers to execute arbitrary code via a .max file with a MAXScript statement that calls the DOSCommand method, related to "application callbacks."
CVE-2009-3576 Autodesk Softimage 7.x and Softimage XSI 6.x allow remote attackers to execute arbitrary JavaScript code via a scene package containing a Scene Table of Contents (aka .scntoc) file with a Script_Content element, as demonstrated by code that loads the WScript.Shell ActiveX control.
CVE-2008-4472 The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method.
CVE-2008-4471 Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via "..\" sequences in the argument to the SaveAS method.
CVE-2007-4749 The cmdjob utility in Autodesk Backburner 3.0.2 allows remote attackers to execute arbitrary commands on render servers by queueing jobs that contain these commands. NOTE: this is only a vulnerability in environments in which the administrator has not followed documentation that outlines the security risks of operating Backburner on untrusted networks.
CVE-2005-4710 Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329.
  
You can also search by reference using the CVE Reference Maps.
For More Information:  cve@mitre.org