CVE-2021-27034
Summary
| CVE | CVE-2021-27034 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-07-09 15:15:00 UTC |
| Updated | 2021-12-08 20:23:00 UTC |
| Description | A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code. |
Risk And Classification
Problem Types: CWE-787
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Autodesk | Design Review | 2011 | All | All | All |
| Application | Autodesk | Design Review | 2012 | All | All | All |
| Application | Autodesk | Design Review | 2013 | All | All | All |
| Application | Autodesk | Design Review | 2017 | All | All | All |
| Application | Autodesk | Design Review | 2018 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| ZDI-21-1130 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| Security Advisories | Autodesk Trust Center | MISC | www.autodesk.com | |
| ZDI-21-1132 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-21-1129 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-21-1125 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-21-1127 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-21-1126 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-21-1131 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-21-1128 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 375926 Autodesk Design Review Multiple Vulnerabilities (ADSK-SA-2021-0003)