CVE-2024-23137

CVSS V2 None CVSS V3 None

Description

A maliciously crafted STP or SLDPRT file in ODXSW_DLL.dll when parsed through Autodesk AutoCAD can be used to uninitialized variable. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

Overview

CVE ID
CVE-2024-23137

Assigner
autodesk

Vulnerability Status
PUBLISHED

Published Version
2024-02-22T04:49:50.154Z

Last Modified Date
2024-03-17T23:53:33.166Z

Weakness Enumerations

CWE	URL
CWE-457	http://cwe.mitre.org/data/definitions/457.html

References

Reference URL	Reference Tags
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-23137
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23137

History

Created	Old Value	New Value	Data Type	Notes
2024-06-26 07:19:01				Added to TrackCVE