7.8
CVE-2021-27045
- EPSS 0.42%
- Veröffentlicht 15.09.2021 17:15:09
- Zuletzt bearbeitet 21.11.2024 05:57:14
- Quelle psirt@autodesk.com
- CVE-Watchlists
- Unerledigt
LoginA maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Autodesk ≫ Navisworks Version2019
Autodesk ≫ Navisworks Version2020
Autodesk ≫ Navisworks Version2021
Autodesk ≫ Navisworks Version2022
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.589 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.