A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Attack Vector Local
Attack Complexity Low
Privileges Required None
Scope Unchanged
Confidentiality Impact High
Integrity Impact High
Availability Impact High
User Interaction Required
No CVSS v3.0
No CVSS v2
Vendors | Products |
---|---|
Autodesk |
|
Configuration 1 [-]
|
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: autodesk
Published: 2022-10-07T00:00:00
Updated: 2022-10-07T00:00:00
Reserved: 2021-08-27T00:00:00
Link: CVE-2021-40165
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-10-07T18:15:14.650
Modified: 2022-10-11T17:10:34.633
Link: CVE-2021-40165
JSON object: View
Redhat Information
No data.
CWE