CVE-2013-5365

CWE-119 — Buffer Overflow3 documents3 sources

Severity

9.3CRITICAL

EPSS

6.2%

top 9.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Autodesk Sketchbook Autodesk Sketchbook Express Autodesk Sketchbook FOR Enterprise 2014 +1 more

Timeline

PublishedApr 2

Latest updateMay 17

Description

Heap-based buffer overflow in Autodesk SketchBook for Enterprise 2014, Pro, and Express before 6.25, and Copic Edition before 2.0.2 allows remote attackers to execute arbitrary code via RLE-compressed channel data in a PSD file.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

▶NVDautodesk/sketchbook_express6.2.4

▶NVDautodesk/sketchbook6.2.4

▶NVDautodesk/sketchbook_pro6.2.4

Patches

Patch: www.sketchbook.com ↗Patch: www.sketchbook.com ↗

🔴Vulnerability Details

GHSA

GHSA-p62r-7mj8-qqmj: Heap-based buffer overflow in Autodesk SketchBook for Enterprise 2014, Pro, and Express before 6↗2022-05-17

▶

CVEList

CVE-2013-5365: Heap-based buffer overflow in Autodesk SketchBook for Enterprise 2014, Pro, and Express before 6↗2014-04-02

▶