CVE-2021-40162
Summary
| CVE | CVE-2021-40162 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-10-07 18:15:00 UTC |
| Updated | 2022-10-11 17:06:00 UTC |
| Description | A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code. |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Autodesk | Autocad | All | All | All | All |
| Application | Autodesk | Autocad Advance Steel | All | All | All | All |
| Application | Autodesk | Autocad Architecture | All | All | All | All |
| Application | Autodesk | Autocad Civil 3d | All | All | All | All |
| Application | Autodesk | Autocad Electrical | All | All | All | All |
| Application | Autodesk | Autocad Lt | All | All | All | All |
| Application | Autodesk | Autocad Lt | All | All | All | All |
| Application | Autodesk | Autocad Map 3d | All | All | All | All |
| Application | Autodesk | Autocad Mechanical | All | All | All | All |
| Application | Autodesk | Autocad Mep | All | All | All | All |
| Application | Autodesk | Autocad Plant 3d | All | All | All | All |
| Application | Autodesk | Design Review | 2018 | - | All | All |
| Application | Autodesk | Design Review | 2018 | hotfix | All | All |
| Application | Autodesk | Design Review | 2018 | hotfix2 | All | All |
| Application | Autodesk | Design Review | 2018 | hotfix3 | All | All |
| Application | Autodesk | Dwg Trueview | All | All | All | All |
| Application | Autodesk | Fusion | All | All | All | All |
| Application | Autodesk | Infrastructure Parts Editor | All | All | All | All |
| Application | Autodesk | Infrastructure Parts Editor | 2021 | All | All | All |
| Application | Autodesk | Infrastructure Parts Editor | 2022 | All | All | All |
| Application | Autodesk | Infraworks | All | All | All | All |
| Application | Autodesk | Infraworks | 2019.3 | - | All | All |
| Application | Autodesk | Infraworks | 2019.3 | hotfix_1 | All | All |
| Application | Autodesk | Infraworks | 2019.3 | hotfix_2 | All | All |
| Application | Autodesk | Infraworks | 2019.3 | hotfix_3 | All | All |
| Application | Autodesk | Infraworks | 2020.2 | - | All | All |
| Application | Autodesk | Infraworks | 2020.2 | hotfix_1 | All | All |
| Application | Autodesk | Infraworks | 2020.2 | hotfix_2 | All | All |
| Application | Autodesk | Infraworks | 2021.2 | - | All | All |
| Application | Autodesk | Infraworks | 2021.2 | hotfix_1 | All | All |
| Application | Autodesk | Infraworks | 2021.2 | hotfix_2 | All | All |
| Application | Autodesk | Infraworks | 2022.0 | - | All | All |
| Application | Autodesk | Infraworks | 2022.0 | hotfix_1 | All | All |
| Application | Autodesk | Infraworks | 2022.1 | All | All | All |
| Application | Autodesk | Inventor | All | All | All | All |
| Application | Autodesk | Navisworks | All | All | All | All |
| Application | Autodesk | Revit | All | All | All | All |
| Application | Autodesk | Revit | 2022 | All | All | All |
| Application | Autodesk | Storm And Sanitary Analysis | All | All | All | All |
| Application | Autodesk | Storm And Sanitary Analysis | 2019 | All | All | All |
| Application | Autodesk | Storm And Sanitary Analysis | 2022 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisories | Autodesk Trust Center | MISC | www.autodesk.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.