Description
Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 allows remote attackers to execute arbitrary code via a crafted biClrUsed value in a BMP file, which triggers a buffer overflow.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/79800
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-617
Vendor Advisory x_refsource_confirm
https://knowledge.autodesk.com/support/design-review/downloads/caas/downloads/content/autodesk-design-review-2013-hotfix.html
Scores
EPSS
0.0301
EPSS Percentile
86.8%
Details
CWE
CWE-189
Status
published
Products (1)
autodesk/design_review
2013
Published
Dec 15, 2015
Tracked Since
Feb 18, 2026