Описание
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:autodesk:autocad:2019:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad:2020:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:macos:*:*
cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_advance_steel:2019:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_advance_steel:2020:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_architecture:2019:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_architecture:2020:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_civil_3d:2019:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_civil_3d:2020:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_electrical:2019:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_electrical:2020:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_lt:2019:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_lt:2020:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_lt:2021:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:macos:*:*
cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_map_3d:2019:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_map_3d:2020:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_mechanical:2019:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_mechanical:2020:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_mep:2019:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_mep:2020:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_plant_3d:2019:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_plant_3d:2020:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00192
Низкий
7.8 High
CVSS3
Дефекты
CWE-787
CWE-787
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
EPSS
Процентиль: 41%
0.00192
Низкий
7.8 High
CVSS3
Дефекты
CWE-787
CWE-787