cbcvebase.
CVE-2021-40160
published 2021-12-23

CVE-2021-40160: PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be…

high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code.

Affected

20 ranges
VendorProductVersion rangeFixed in
autodeskadvance_steel>= 2022 < 2022.1.12022.1.1
autodeskautocad>= 2022 < 2022.1.12022.1.1
autodeskautocad>= 2022 < 2022.22022.2
autodeskautocad_architecture>= 2022 < 2022.1.12022.1.1
autodeskautocad_electrical>= 2022 < 2022.1.12022.1.1
autodeskautocad_lt>= 2022 < 2022.1.12022.1.1
autodeskautocad_lt>= 2022 < 2022.22022.2
autodeskautocad_map_3d>= 2022 < 2022.1.12022.1.1
autodeskautocad_mechanical>= 2022 < 2022.1.12022.1.1
autodeskautocad_mep>= 2022 < 2022.1.12022.1.1
autodeskautocad_plant_3d>= 2022 < 2022.1.12022.1.1
autodeskcivil_3d>= 2022 < 2022.1.12022.1.1
autodeskdesign_review
autodesknavisworks>= 2019 < 2019.62019.6
autodesknavisworks>= 2020 < 2020.42020.4
autodesknavisworks>= 2021 < 2021.32021.3
autodesknavisworks>= 2022 < 2022.12022.1
autodeskrevit>= 2020 < 2020.2.52020.2.5
autodeskrevit>= 2021 < 2021.1.42021.1.4
autodeskrevit>= 2022 < 2022.12022.1