CVE-2022-27531Out-of-bounds Read in 3DS MAX

CWE-125Out-of-bounds Read3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.3%
top 42.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Autodesk 3DS MAX
Timeline
PublishedJun 16
Latest updateJun 17

Description

A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

NVDautodesk/3ds_max20212021.3.8+1

🔴Vulnerability Details

2
GHSA
GHSA-7fp4-mrrw-pvq5: A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files2022-06-17
CVEList
CVE-2022-27531: A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files2022-06-16
CVE-2022-27531 — Out-of-bounds Read in Autodesk 3DS MAX | cvebase