A maliciously crafted DWFX file, when parsed in w3dtk.dll...
High severity
Unreviewed
Published
Sep 30, 2024
to the GitHub Advisory Database
Description
Published by the National Vulnerability Database
Sep 30, 2024
Published to the GitHub Advisory Database
Sep 30, 2024
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
References