CVE Published: 25/06/2024 |
CVE Updated: 02/08/2024 |
CVE Year: 2024 Source: autodesk |
Vendor: Autodesk |
Product: AutoCAD, Advance Steel and Civil 3D Status : PUBLISHED
CVE-2024-36999 Description
A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.