First published: Fri Jul 09 2021
A maliciously crafted PCX, PICT, RCL, TIF, BMP, PSD or TIFF file can be used to write beyond the allocated buffer while parsing PCX, PDF, PICT, RCL, BMP, PSD or TIFF files. This vulnerability can be exploited to execute arbitrary code.
Credit: psirt@autodesk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Autodesk Design Review | =2011 | |
Autodesk Design Review | =2012 | |
Autodesk Design Review | =2013 | |
Autodesk Design Review | =2017 | |
Autodesk Design Review | =2018 | |
Autodesk Design Review | =2018-hotfix | |
Autodesk Design Review | =2018-hotfix2 | |
Autodesk Design Review | =2018-hotfix3 | |
The vulnerability ID for this issue is CVE-2021-27036.
The severity of CVE-2021-27036 is high with a score of 7.8.
Autodesk Design Review versions 2011, 2012, 2013, 2017, 2018, 2018-hotfix, 2018-hotfix2, and 2018-hotfix3 are affected by CVE-2021-27036.
CVE-2021-27036 can be exploited by using a maliciously crafted PCX, PICT, RCL, TIF, BMP, PSD, or TIFF file to write beyond the allocated buffer while parsing files.
Additional information about CVE-2021-27036 can be found at the following link: [Autodesk Security Advisories](https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004)