Overview
- Description
- A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
- Source
- psirt@autodesk.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 4.2
- Impact score
- 2.5
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L
- Severity
- MEDIUM
Weaknesses
- psirt@autodesk.com
- CWE-416
Social media
- Hype score
- Not currently trending