7.8
CVE-2021-27039
- EPSS 0.26%
- Veröffentlicht 09.07.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:57:13
- Quelle psirt@autodesk.com
- CVE-Watchlists
- Unerledigt
LoginA maliciously crafted TIFF and PCX file can be forced to read and write beyond allocated boundaries when parsing the TIFF and PCX file for based overflow. This vulnerability can be exploited to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Autodesk ≫ Design Review Version2011
Autodesk ≫ Design Review Version2012
Autodesk ≫ Design Review Version2013
Autodesk ≫ Design Review Version2017
Autodesk ≫ Design Review Version2018
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.494 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.