CVE-2021-27036
Summary
| CVE | CVE-2021-27036 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-07-09 15:15:00 UTC |
| Updated | 2022-05-12 16:57:00 UTC |
| Description | A maliciously crafted PCX, PICT, RCL, TIF, BMP, PSD or TIFF file can be used to write beyond the allocated buffer while parsing PCX, PDF, PICT, RCL, BMP, PSD or TIFF files. This vulnerability can be exploited to execute arbitrary code |
Risk And Classification
Problem Types: CWE-787
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Autodesk | Design Review | 2011 | All | All | All |
| Application | Autodesk | Design Review | 2012 | All | All | All |
| Application | Autodesk | Design Review | 2013 | All | All | All |
| Application | Autodesk | Design Review | 2017 | All | All | All |
| Application | Autodesk | Design Review | 2018 | All | All | All |
| Application | Autodesk | Design Review | 2018 | - | All | All |
| Application | Autodesk | Design Review | 2018 | hotfix | All | All |
| Application | Autodesk | Design Review | 2018 | hotfix2 | All | All |
| Application | Autodesk | Design Review | 2018 | hotfix3 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| ZDI-22-458 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-22-482 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| Security Advisories | Autodesk Trust Center | MISC | www.autodesk.com | |
| ZDI-22-479 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-21-1138 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-21-1141 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-21-1143 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-22-462 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-21-1142 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| Security Advisories | Autodesk Trust Center | MISC | www.autodesk.com | |
| ZDI-22-456 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| ZDI-22-457 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 375926 Autodesk Design Review Multiple Vulnerabilities (ADSK-SA-2021-0003)