CVE-2024-37006

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD (affected versions not specified)

Description: The issue is caused by a maliciously crafted CATPRODUCT file, which when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This can potentially allow for code execution in the context of the current process, especially when combined with other vulnerabilities. The vulnerability is related to an out-of-bounds read in the CC5Dll.dll library, which can be exploited by a remote attacker using a specially crafted file.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.