admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-121xx/CVE-2024-12178.json
cad-safe-bot 904f6fe5d6 Auto-Update: 2025-01-29T19:00:30.349965+00:00
2025-01-29 19:03:57 +00:00

60 lines
1.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-12178",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-12-17T16:15:23.687",
"lastModified": "2025-01-29T17:15:27.053",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
},
{
"lang": "es",
"value": "Un archivo DWFX manipulado con fines malintencionados, al analizarse mediante Autodesk Navisworks, puede provocar una vulnerabilidad de corrupci\u00f3n de memoria. Un actor malintencionado puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0027",
"source": "psirt@autodesk.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink