A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
| Link | Resource |
|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
25 Apr 2022, 16:25
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
| References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004 - Vendor Advisory | |
| CWE | CWE-787 | |
| CPE | cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2013:*:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2012:*:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2018:hotfix4:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2017:*:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2011:*:*:*:*:*:*:* |
18 Apr 2022, 17:45
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-04-18 17:15
Updated : 2024-02-04 22:29
NVD link : CVE-2022-27526
Mitre link : CVE-2022-27526
CVE.ORG link : CVE-2022-27526
JSON object : View
Products Affected
autodesk
- design_review
CWE
CWE-787
Out-of-bounds Write