CVE-2021-27034

CWE-787Out-of-bounds Write3 documents3 sources
Severity
7.8HIGH
EPSS
0.7%
top 28.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Autodesk Design Review
Timeline
PublishedJul 9
Latest updateMay 24

Description

A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5autodesk_design_review2018, 2017, 2013, 2012, 2011
NVDautodesk/design_review5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-rw8g-f8hg-gjm6: A heap-based buffer overflow could occur while parsing PICT or TIFF files in Autodesk 2018, 2017, 2013, 2012, 20112022-05-24
CVEList
CVE-2021-27034: A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 20112021-07-09
CVE-2021-27034 (HIGH CVSS 7.8) | A heap-based buffer overflow could | cvebase.io