CVE-2022-25794

CWE-125Out-of-bounds Read3 documents3 sources
Severity
7.8HIGH
EPSS
0.4%
top 38.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Autodesk FBX Review
Timeline
PublishedApr 11
Latest updateApr 12

Description

An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.2 and prior may lead to code execution through maliciously crafted ActionScript Byte Code 'ABC' files or information disclosure. ABC files are created by the Flash compiler and contain executable code. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDautodesk/fbx_review< 1.5.3
CVEListV5autodesk_fbx_review1.5.2

🔴Vulnerability Details

2
GHSA
GHSA-779h-whfc-q2qp: An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 12022-04-12
CVEList
CVE-2022-25794: An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 12022-04-11
CVE-2022-25794 (HIGH CVSS 7.8) | An Out-Of-Bounds Read Vulnerability | cvebase.io