Autodesk Desktop Application versions 7.0.16.29 Untrusted Search Path Vulnerability

Summary

Under certain conditions, an attacker may trick a user into downloading a malicious DLL file into the working directory of Autodesk Desktop Application (ADA). The malicious DLL file may then leverage a DLL preloading vulnerability in ADA and execute code on the system.

Credit:

The information has been provided by Peleg Hadar

The original article can be found at:https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0004


Details

DLL preloading vulnerability in Autodesk Desktop Application versions 7.0.16.29 and earlier. An attacker may trick a user into downloading a malicious DLL file into the working directory, which may then leverage a DLL preloading vulnerability and execute code on the system.

 

Vulnerable Systems:

Autodesk Desktop Application versions 7.0.16.29 and earlier.

 

CVE Information:

CVE-2019-7365

 

Disclosure Timeline:
Published Date:12/3/2019

Categories: FeaturedNews