Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 allows remote attackers to execute arbitrary code via a crafted biClrUsed value in a BMP file, which triggers a buffer overflow.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P
Vendors Products
Autodesk
  • Design Review

Configuration 1 [-]

cpe:2.3:a:autodesk:design_review:2013:*:*:*:*:*:*:*
References
Link Resource
http://www.securityfocus.com/bid/79800
http://www.zerodayinitiative.com/advisories/ZDI-15-617
https://knowledge.autodesk.com/support/design-review/downloads/caas/downloads/content/autodesk-design-review-2013-hotfix.html Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2015-12-15T21:00:00

Updated: 2016-11-25T19:57:01

Reserved: 2015-12-15T00:00:00

Link: CVE-2015-8571

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2015-12-15T21:59:12.657

Modified: 2016-11-28T19:48:12.657

Link: CVE-2015-8571

JSON object: View

cve-icon Redhat Information

No data.

CWE