Autodesk 多个产品DWG处理代码执行漏洞
Autodesk 多个产品DWG处理代码执行漏洞
发布日期:2013-07-18
更新日期:2013-07-19
受影响系统:
Autodesk AutoCAD 2013
Autodesk AutoCAD 2012
Autodesk AutoCAD 2011
Autodesk AutoCAD Civil 3D 2013.x
Autodesk AutoCAD Civil 3D 2012.x
Autodesk AutoCAD Civil 3D 2011.x
Autodesk AutoCAD Architecture 2013
Autodesk AutoCAD Architecture 2012
Autodesk AutoCAD Architecture 2011
Autodesk AutoCAD MEP 2013
Autodesk AutoCAD MEP 2012
Autodesk AutoCAD MEP 2011
描述:
--------------------------------------------------------------------------------
CVE(CAN) ID: CVE-2013-3665
Autodesk是二维和三维设计、工程及娱乐软件厂商,旗下拥有拥有“AutoCAD”、“3DS Max”等知名软件。
多个Autodesk产品在处理DWG文件时存在安全漏洞,可被恶意用户利用执行任意代码,从而破坏用户系统。
<*来源:Joshep J. Cortez Sanchez
Felipe Andres Manzano
链接:http://secunia.com/advisories/54198/
http://images.autodesk.com/adsk/files/Autodesk_AutoCAD_Code_Execution_Vulnerability_Hotfix_Readme.pdf
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Autodesk
--------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://www.autodesk.com.cn/adsk/servlet/index?id=9297866&siteID=1170359
评论暂时关闭