Use of Uninitialized Variable
CVE-2024-23159
Summary
A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.
- LOW
- LOCAL
- HIGH
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- HIGH
CWE-457 - Use of Uninitialized Variable
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
References
Advisory Timeline
- Published
