{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-23130", "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "state": "PUBLISHED", "assignerShortName": "autodesk", "dateReserved": "2024-01-11T21:47:40.855Z", "datePublished": "2024-02-22T03:33:55.872Z", "dateUpdated": "2024-06-25T00:37:10.780Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "AutoCAD, Advance Steel and Civil 3D", "vendor": "Autodesk", "versions": [{"status": "affected", "version": "2024, 2023, 2022, 2021"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.<br><br><br>"}], "value": "A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-119", "description": "CWE-119 Memory Corruption - Generic", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "shortName": "autodesk", "dateUpdated": "2024-06-25T00:37:10.780Z"}, "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"}, {"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"}, {"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"descriptions": [{"lang": "en", "value": "A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process."}, {"lang": "es", "value": "Un archivo SLDASM o SLDPRT creado con fines malintencionados en ODXSW_DLL.dll cuando se analiza a trav\u00e9s de Autodesk AutoCAD podr\u00eda provocar una vulnerabilidad de corrupci\u00f3n de memoria por infracci\u00f3n de acceso de escritura. Esta vulnerabilidad, junto con otras vulnerabilidades, podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo en el contexto del proceso actual."}], "id": "CVE-2024-23130", "lastModified": "2024-06-25T01:15:50.197", "metrics": {}, "published": "2024-02-22T04:15:08.737", "references": [{"source": "psirt@autodesk.com", "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"}, {"source": "psirt@autodesk.com", "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"}, {"source": "psirt@autodesk.com", "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"}], "sourceIdentifier": "psirt@autodesk.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "psirt@autodesk.com", "type": "Secondary"}]}

{}