admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-04-09 20:00:42 +00:00
parent db3d042605
commit 37ee02c3b4
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
16 changed files with 893 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/17xxx/CVE-2018-17144.json
View File

@ -71,6 +71,11 @@
"name": "https://github.com/bitcoinknots/bitcoin/blob/v0.16.3.knots20180918/doc/release-notes.md",
"refsource": "MISC",
"url": "https://github.com/bitcoinknots/bitcoin/blob/v0.16.3.knots20180918/doc/release-notes.md"
},
{
"refsource": "MISC",
"name": "https://github.com/JinBean/CVE-Extension",
"url": "https://github.com/JinBean/CVE-Extension"
}
]
}

10
2018/18xxx/CVE-2018-18308.json
View File

@ -61,6 +61,16 @@
"name": "45628",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45628/"
},
{
"refsource": "MISC",
"name": "https://github.com/bigtreecms/BigTree-CMS/issues/356",
"url": "https://github.com/bigtreecms/BigTree-CMS/issues/356"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/bigtreecms/BigTree-CMS/commit/ffd668a3aa7d2f540dbcdf5751f207302519df72",
"url": "https://github.com/bigtreecms/BigTree-CMS/commit/ffd668a3aa7d2f540dbcdf5751f207302519df72"
}
]
}

58
2018/18xxx/CVE-2018-18365.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18365",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-18365",
"ASSIGNER": "secure@symantec.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Norton Password Manager",
"version": {
"version_data": [
{
"version_value": "Prior to 6.2.0.1078 (Android) & 6.2.309 (iOS)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Address Spoof"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.symantec.com/en_US/article.SYMSA1475.html",
"url": "https://support.symantec.com/en_US/article.SYMSA1475.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Norton Password Manager may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic."
}
]
}

5
2018/20xxx/CVE-2018-20237.json
View File

@ -74,6 +74,11 @@
"name": "107041",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107041"
},
{
"refsource": "MISC",
"name": "https://www.excellium-services.com/cert-xlm-advisory/cve-2018-20237/",
"url": "https://www.excellium-services.com/cert-xlm-advisory/cve-2018-20237/"
}
]
}

5
2018/3xxx/CVE-2018-3639.json
View File

@ -732,6 +732,11 @@
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"refsource": "CONFIRM",
"name": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html",
"url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"
}
]
}

5
2019/10xxx/CVE-2019-10845.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://vuldb.com/?id.132960",
"url": "https://vuldb.com/?id.132960"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152452/Uniqkey-Password-Manager-1.14-Denial-Of-Service.html",
"url": "http://packetstormsecurity.com/files/152452/Uniqkey-Password-Manager-1.14-Denial-Of-Service.html"
}
]
}

58
2019/1xxx/CVE-2019-1567.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1567",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-1567",
"ASSIGNER": "psirt@paloaltonetworks.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Palo Alto Networks Expedition Migration Tool",
"version": {
"version_data": [
{
"version_value": "Expedition 1.1.6 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/141",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/141"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Expedition Migration tool 1.1.6 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings."
}
]
}

31
2019/5xxx/CVE-2019-5019.json
View File

@ -1,14 +1,17 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC": "2019-02-28T00:00:00",
"ID": "CVE-2019-5019",
"ASSIGNER": "talos-cna@cisco.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
@ -22,23 +25,11 @@
}
}
]
},
"vendor_name": "Talos"
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 (7,0,2018,1113). While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation between size and the number of properties in PropertySet packets, causing an out-of-bounds write that leads to heap corruption and consequent code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
@ -54,10 +45,18 @@
"references": {
"reference_data": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0780",
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0780",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0780"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap-based overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 (7,0,2018,1113). While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation between size and the number of properties in PropertySet packets, causing an out-of-bounds write that leads to heap corruption and consequent code execution."
}
]
}
}

58
2019/5xxx/CVE-2019-5511.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5511",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5511",
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware Workstation",
"version": {
"version_data": [
{
"version_value": "VMware Workstation 15.x prior to 15.0.3, 14.x before 14.1.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2019-0002.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0002.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on Windows does not handle paths appropriately. Successful exploitation of this issue may allow the path to the VMX executable, on a Windows host, to be hijacked by a non-administrator leading to elevation of privilege."
}
]
}

58
2019/5xxx/CVE-2019-5512.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5512",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5512",
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware Workstation",
"version": {
"version_data": [
{
"version_value": "VMware Workstation 15.x prior to 15.0.3, 14.x before 14.1.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2019-0002.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0002.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on Windows does not handle COM classes appropriately. Successful exploitation of this issue may allow hijacking of COM classes used by the VMX process, on a Windows host, leading to elevation of privilege."
}
]
}

58
2019/5xxx/CVE-2019-5513.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5513",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5513",
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware Horizon Connection Server",
"version": {
"version_data": [
{
"version_value": "VMware Horizon Connection Server 7.x before 7.8, 7.5.x before 7.5.2, 6.x before 6.2.8"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2019-0003.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0003.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware Horizon Connection Server (7.x before 7.8, 7.5.x before 7.5.2, 6.x before 6.2.8) contains an information disclosure vulnerability. Successful exploitation of this issue may allow disclosure of internal domain names, the Connection Server\u2019s internal name, or the gateway\u2019s internal IP address."
}
]
}

5
2019/6xxx/CVE-2019-6977.json
View File

@ -106,6 +106,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1140",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html",
"url": "http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html"
}
]
}

150
2019/7xxx/CVE-2019-7358.json
View File

@ -1,8 +1,131 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2019-7358",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk AutoCAD LT",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk Civil 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk Advance Steel",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Architecture",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Electrical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Map 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Mechanical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD MEP",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD P&ID",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
}
]
},
"vendor_name": "Autodesk"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +134,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001",
"refsource": "MISC",
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
]
}

150
2019/7xxx/CVE-2019-7359.json
View File

@ -1,8 +1,131 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2019-7359",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk Advance Steel",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Architecture",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Electrical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Map 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Mechanical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD MEP",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD P&ID",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD LT",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk Civil 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
}
]
},
"vendor_name": "Autodesk"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +134,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001",
"refsource": "MISC",
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
]
}

150
2019/7xxx/CVE-2019-7360.json
View File

@ -1,8 +1,131 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2019-7360",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk Civil 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk Advance Steel",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Architecture",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Electrical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Map 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Mechanical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD MEP",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD P&ID",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD LT",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
}
]
},
"vendor_name": "Autodesk"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +134,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001",
"refsource": "MISC",
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
]
}

150
2019/7xxx/CVE-2019-7361.json
View File

@ -1,8 +1,131 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2019-7361",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk Civil 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk Advance Steel",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Architecture",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Electrical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Map 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Mechanical",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD MEP",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD P&ID",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
},
{
"product_name": "Autodesk AutoCAD LT",
"version": {
"version_data": [
{
"version_value": "2018"
}
]
}
}
]
},
"vendor_name": "Autodesk"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +134,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001",
"refsource": "MISC",
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001"
}
]
}