A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003 | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-1125/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-21-1126/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-21-1127/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-21-1128/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-21-1129/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-21-1130/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-21-1131/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-21-1132/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
08 Dec 2021, 20:23
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-1125/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-1132/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-1126/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-1130/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-1129/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-1128/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-1131/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-1127/ - Third Party Advisory, VDB Entry |
17 Nov 2021, 22:17
Type | Values Removed | Values Added |
---|---|---|
Summary | A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code. |
06 Oct 2021, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Jul 2021, 16:50
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003 - Vendor Advisory | |
CPE | cpe:2.3:a:autodesk:design_review:2012:*:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2011:*:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2017:*:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2018:*:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2013:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
CWE | CWE-787 |
09 Jul 2021, 15:38
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-07-09 15:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-27034
Mitre link : CVE-2021-27034
CVE.ORG link : CVE-2021-27034
JSON object : View
Products Affected
autodesk
- design_review
CWE
CWE-787
Out-of-bounds Write