A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
Attack Vector Local
Attack Complexity Low
Privileges Required None
Scope Unchanged
Confidentiality Impact High
Integrity Impact High
Availability Impact High
User Interaction Required
No CVSS v3.0
No CVSS v2
Vendors | Products |
---|---|
Autodesk |
|
Configuration 1 [-]
|
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: autodesk
Published: 2022-10-07T00:00:00
Updated: 2022-10-07T00:00:00
Reserved: 2021-08-27T00:00:00
Link: CVE-2021-40166
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-10-07T18:15:14.743
Modified: 2022-10-11T17:11:45.707
Link: CVE-2021-40166
JSON object: View
Redhat Information
No data.
CWE