A maliciously crafted 3DM and MODEL file, when parsed in opennurbs.dll and atf_api.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVSS
No CVSS.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: autodesk
Published: 2024-06-25T01:01:56.652Z
Updated: 2024-06-25T13:58:02.177Z
Reserved: 2024-01-11T21:51:08.013Z
Link: CVE-2024-23140
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-25T02:15:10.940
Modified: 2024-06-25T12:24:17.873
Link: CVE-2024-23140
JSON object: View
Redhat Information
No data.
CWE