CVE-2022-41308

A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:autodesk:subassembly_composer:2020:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:subassembly_composer:2021:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:subassembly_composer:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:subassembly_composer:2023:*:*:*:*:*:*:*

History

21 Nov 2024, 07:23

Type Values Removed Values Added
References () https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021 - Vendor Advisory () https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021 - Vendor Advisory

Information

Published : 2022-10-14 17:15

Updated : 2024-11-21 07:23


NVD link : CVE-2022-41308

Mitre link : CVE-2022-41308

CVE.ORG link : CVE-2022-41308


JSON object : View

Products Affected

autodesk

  • subassembly_composer
CWE
CWE-787

Out-of-bounds Write