CVE-2021-27034
HIGH
Autodesk Design Review 2011-2018 - Heap-Based Buffer Overflow in PICT/PCX/RCL/TIFF File Parser
Title source: llm
Description
A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code.
References (9)
Core References
Vendor Advisory x_refsource_misc
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-21-1127/
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-21-1132/
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-21-1125/
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-21-1126/
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-21-1128/
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-21-1129/
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-21-1130/
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-21-1131/
Scores
CVSS v3
7.8
EPSS
0.0067
EPSS Percentile
71.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (5)
autodesk/design_review
2011
autodesk/design_review
2012
autodesk/design_review
2013
autodesk/design_review
2017
autodesk/design_review
2018
Published
Jul 09, 2021
Tracked Since
Feb 18, 2026