CVE-2005-4710
CVSS4.6
发布时间 :2005-12-31 00:00:00
修订时间 :2008-09-05 16:57:36
NMCO    

[原文]Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329.


[CNNVD]Autodesk多个产品远程未授权访问漏洞(CNNVD-200512-668)

        从2006起及更早的多个Autodesk和AutoCAD产品和产品族存在未明漏洞,远程攻击者可"获得另一个本地用户计算机的不恰当的访问,"又称为ID DL5549329。

- CVSS (基础分值)

CVSS分值: 4.6 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:autodesk:raster_design:2006Autodesk Raster Design 2006
cpe:/a:autodesk:autocad_mechanical:2006Autodesk AutoCAD Mechanical 2006
cpe:/a:autodesk:map_3d:2006Autodesk Map 3D 2006
cpe:/a:autodesk:land_desktop:2006Autodesk Land Desktop 2006
cpe:/a:autodesk:map_3d:2005Autodesk Map 3D 2005
cpe:/a:autodesk:inventor:10::professional
cpe:/a:autodesk:building_systems:2006Autodesk Building Systems 2006
cpe:/a:autodesk:revit_structure:8.1
cpe:/a:autodesk:autocad_electrical:2005Autodesk AutoCAD Electrical 2005
cpe:/a:autodesk:utility_design:2005Autodesk Utility Design 2005
cpe:/a:autodesk:autocad_civil_3d:2006Autodesk Building Civil 3D 2006
cpe:/a:autodesk:raster_design:2005Autodesk Raster Design 2005
cpe:/a:autodesk:survey:2006:sp1Autodesk Survey 2006_1
cpe:/a:autodesk:autocad:2005Autodesk AutoCAD 2005
cpe:/a:autodesk:autocad_mechanical:2005Autodesk AutoCAD Mechanical 2005
cpe:/a:autodesk:autocad_civil_3d:2005Autodesk Building Civil 3D 2005
cpe:/a:autodesk:autocad:2006Autodesk AutoCAD 2006
cpe:/a:autodesk:building_systems:2005Autodesk Building Systems 2005
cpe:/a:autodesk:viz:2006Autodesk VIZ 2006
cpe:/a:autodesk:revit:8Autodesk Revit 8
cpe:/a:autodesk:revit:7Autodesk Revit 7
cpe:/a:autodesk:revit_structure:6
cpe:/a:autodesk:autocad_lt:2005Autodesk AutoCAD LT 2005
cpe:/a:autodesk:autocad_electrical:2006Autodesk AutoCAD Electrical 2006
cpe:/a:autodesk:3ds_max:7Autodesk Autodesk 3ds Max 7
cpe:/a:autodesk:civil_design:2005Autodesk Building Civil Design 2005
cpe:/a:autodesk:survey:2005Autodesk Survey 2005
cpe:/a:autodesk:architectural_desktop:2005Autodesk Architectural Desktop 2005
cpe:/a:autodesk:inventor:9Autodesk Inventor Series 9
cpe:/a:autodesk:architectural_desktop:2006Autodesk Architectural Desktop 2006
cpe:/a:autodesk:land_desktop:2005:sp1Autodesk Land Desktop 2005_10
cpe:/a:autodesk:autocad_lt:2006Autodesk AutoCAD LT 2006

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4710
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4710
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200512-668
(官方数据源) CNNVD

- 其它链接及资源

http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232
(VENDOR_ADVISORY)  CONFIRM  http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232
http://xforce.iss.net/xforce/xfdb/24460
(UNKNOWN)  XF  autodesk-gain-privileges(24460)
http://www.securityfocus.com/bid/16472
(UNKNOWN)  BID  16472
http://secunia.com/advisories/18682
(VENDOR_ADVISORY)  SECUNIA  18682

- 漏洞信息

Autodesk多个产品远程未授权访问漏洞
中危 资料不足
2005-12-31 00:00:00 2006-02-13 00:00:00
远程  
        从2006起及更早的多个Autodesk和AutoCAD产品和产品族存在未明漏洞,远程攻击者可"获得另一个本地用户计算机的不恰当的访问,"又称为ID DL5549329。

- 公告与补丁

        

- 漏洞信息

22881
Autodesk Multiple Products Unspecified System Access

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-10-24 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站