Vulnerability Description
An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Autodesk | Advance Steel | 2018 |
| Autodesk | Autocad | 2018 |
| Autodesk | Autocad Architecture | 2018 |
| Autodesk | Autocad Electrical | 2018 |
| Autodesk | Autocad Lt | 2018 |
| Autodesk | Autocad Map 3D | 2018 |
| Autodesk | Autocad Mechanical | 2018 |
| Autodesk | Autocad Mep | 2018 |
| Autodesk | Autocad P\&Id | 2018 |
| Autodesk | Autocad Plant 3D | 2018 |
| Autodesk | Civil 3D | 2018 |
Related Weaknesses (CWE)
References
- https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001Vendor Advisory
- https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001Vendor Advisory
FAQ
What is CVE-2019-7359?
CVE-2019-7359 is a vulnerability with a CVSS score of 7.8 (HIGH). An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018...
How severe is CVE-2019-7359?
CVE-2019-7359 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-7359?
Check the references section above for vendor advisories and patch information. Affected products include: Autodesk Advance Steel, Autodesk Autocad, Autodesk Autocad Architecture, Autodesk Autocad Electrical, Autodesk Autocad Lt.