PT-2021-7087 · Autodesk · Autodesk Design Review

Published

2021-11-06

Updated

2022-04-25

CVE-2022-27526

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Autodesk Design Review (affected versions not specified)

Description The issue is related to a buffer overflow in memory when parsing TGA files, which can lead to memory corruption. This can be exploited by a remote attacker using a specially crafted TGA file, potentially allowing the execution of arbitrary code in the context of the current user. The vulnerability may be used in conjunction with other issues to achieve code execution in the context of the current process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

BDU:2022-03256

CVE-2022-27526

Affected Products

Autodesk Design Review

PT-2021-7087 · Autodesk · Autodesk Design Review

CVE-2022-27526

Weakness Enumeration

Related Identifiers

Affected Products

References · 7