Описание
A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:autodesk:design_review:2011:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2012:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2013:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2017:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2018:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00666
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-787
Связанные уязвимости
github
больше 3 лет назад
A heap-based buffer overflow could occur while parsing PICT or TIFF files in Autodesk 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code.
CVSS3: 8.8
fstec
около 5 лет назад
Уязвимость реализации синтаксического анализа файлов формата PICT программного средства для нанесения электронных пометок Autodesk Design Review, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 71%
0.00666
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-787