Autodesk DWG TrueView Buffer Overflow

Medium Nessus Plugin ID 76308


An application on the remote host is affected by a buffer overflow vulnerability.


The remote host has an install of Autodesk DWG TrueView version 2011, 2012, 2013 or 2014, and thus is affected by an error related to the handling of DWG files.

The error exists due to a failure to properly bounds-check data in DWG files before using it to index and copy heap memory values. An attacker could exploit this issue by convincing a user to open a specially crafted DWG file which could result in arbitrary code execution.


Upgrade to version,,, or later.

See Also

Plugin Details

Severity: Medium

ID: 76308

File Name: autodesk_dwg_trueview_overflow.nasl

Version: $Revision: 1.1 $

Type: local

Agent: windows

Family: Windows

Published: 2014/06/30

Modified: 2014/06/30

Dependencies: 76307

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:autodesk:dwg_trueview

Required KB Items: SMB/Autodesk DWG TrueView/Installed

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/07/10

Vulnerability Publication Date: 2013/06/24

Reference Information

CVE: CVE-2013-3665

BID: 61355

OSVDB: 95384