Monday, July 15, 2013

Security Hotfix: Autodesk AutoCAD Code Execution Vulnerability

This hot fix addresses a vulnerability that could lead to an arbitrary code execution when loading specifically crafted DWG files. The vulnerability has a Common Vulnerabilities Exposure (CVE) ID CVE-2013-3665. For more information, please visit the CVE dictionary at http://cve.mitre.org as well as this detailed paper.

This Hotfix works with supported versions (see readme) of AutoCAD 2011-2014, AutoCAD LT 2011-2014, DWG TrueView 2011-2014, and associated verticals. Download it here. Files affected are acdb18.dll, acdb19.dll, AcSignCore16.dll and AdApplicationFrame.dll.

Note that when the script is run it will kill explorer.exe and restart it when ready.

But I got problem to run this.

Windows Script Host displayed this error:
---------------------------
Script:    C:\Users\<user>\AppData\Local\Temp\BufferOverrunHotfix\Hotfix.vbs
Line:    556
Char:    5
Error:    Permission denied
Code:    800A0046
Source:     Microsoft VBScript runtime error
---------------------------

Afterward Explorer had to be started manually.

I looked at the log file %temp%\BufferOverrunHotfix.log and found this as the last row:
Applying Hotfix file AcSignCore16.dll from: C:\Users\<user>\AppData\Local\Temp\BufferOverrunHotfix\files\19.1.75.0\x64\ to: C:\Program Files\Common Files\Autodesk Shared\

I then used Process Explorer and searched for AcSignCore16.dll and found that the process KeePass.exe used it so I killed it and after that I successfully could run the complete hotfix.

If you want to distribute this hotfix on many computers run it on a test computer and then grab the files found in %TEMP%\BufferOverrunHotfix. HotfixLauncher.vbs and Hotfix.vbs can be edited as needed.

UPDATE: This hotfix is included in AutoCAD 2014 Service Pack 1.

No comments:

Post a Comment