exploitDog

CVE-2022-27870

Опубликовано: 21 июн. 2022

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code.

Ссылки

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004
Vendor Advisory
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00418

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-48mq-cxq7-3hpx

CVSS3: 7.8

github

больше 3 лет назад

A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code.

EPSS

Процентиль: 61%

0.00418

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787