Autodesk Design Review 2018

CPE Details

Autodesk Design Review 2018
autodesk
design_review
2018
2019-08-28
15h55 +00:00
2022-03-23
17h06 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:autodesk:design_review:2018:*:*:*:*:*:*:*

Informations

Vendor

autodesk

Product

design_review

Version

2018

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-40167 2022-01-25 18h11 +00:00 A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
7.8
High
CVE-2021-27039 2021-07-09 12h18 +00:00 A maliciously crafted TIFF and PCX file can be forced to read and write beyond allocated boundaries when parsing the TIFF and PCX file for based overflow. This vulnerability can be exploited to execute arbitrary code.
7.8
High
CVE-2021-27038 2021-07-09 12h17 +00:00 A Type Confusion vulnerability in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can occur when processing a maliciously crafted PDF file. A malicious actor can leverage this to execute arbitrary code.
7.8
High
CVE-2021-27034 2021-07-09 12h16 +00:00 A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code.
7.8
High
CVE-2021-27033 2021-07-09 12h12 +00:00 A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review 2018, 2017, 2013, 2012, 2011. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
7.8
High
CVE-2019-7363 2019-08-23 17h35 +00:00 Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerability, which may result in code execution.
7.8
High
CVE-2019-7362 2019-08-23 17h35 +00:00 DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerability, which may result in code execution.
7.8
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.