CVE-2019-7358

Name of the Vulnerable Software and Affected Versions Autodesk Advance Steel version 2018 Autodesk AutoCAD version 2018 Autodesk AutoCAD Architecture version 2018 Autodesk AutoCAD Electrical version 2018 Autodesk AutoCAD Map 3D version 2018 Autodesk AutoCAD Mechanical version 2018 Autodesk AutoCAD MEP version 2018 Autodesk AutoCAD P&ID version 2018 Autodesk AutoCAD Plant 3D version 2018 Autodesk AutoCAD LT version 2018 Autodesk Civil 3D version 2018

Description The issue is related to a heap overflow vulnerability in the DXF-parsing functionality. A specially crafted DXF file can cause a heap overflow, potentially resulting in code execution.

Recommendations For Autodesk Advance Steel version 2018, update to a fixed version to resolve the issue. For Autodesk AutoCAD version 2018, update to a fixed version to resolve the issue. For Autodesk AutoCAD Architecture version 2018, update to a fixed version to resolve the issue. For Autodesk AutoCAD Electrical version 2018, update to a fixed version to resolve the issue. For Autodesk AutoCAD Map 3D version 2018, update to a fixed version to resolve the issue. For Autodesk AutoCAD Mechanical version 2018, update to a fixed version to resolve the issue. For Autodesk AutoCAD MEP version 2018, update to a fixed version to resolve the issue. For Autodesk AutoCAD P&ID version 2018, update to a fixed version to resolve the issue. For Autodesk AutoCAD Plant 3D version 2018, update to a fixed version to resolve the issue. For Autodesk AutoCAD LT version 2018, update to a fixed version to resolve the issue. For Autodesk Civil 3D version 2018, update to a fixed version to resolve the issue. As a temporary workaround, consider avoiding the use of specially crafted DXF files until a patch is available.