7.8
CVE-2021-27046
- EPSS 0.07%
- Veröffentlicht 15.09.2021 17:15:09
- Zuletzt bearbeitet 21.11.2024 05:57:14
- Quelle psirt@autodesk.com
- CVE-Watchlists
- Unerledigt
LoginA Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Autodesk ≫ Navisworks Version2019
Autodesk ≫ Navisworks Version2020
Autodesk ≫ Navisworks Version2021
Autodesk ≫ Navisworks Version2022
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.177 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 4.4 | 3.4 | 6.4 |
AV:L/AC:M/Au:N/C:P/I:P/A:P
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.