CVE-2021-27035

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

A maliciously crafted TIFF, PDF, PICT or DWF files in Autodesk 2018, 2017, 2013, 2012, 2011 can be forced to read beyond allocated boundaries when parsing the TIFF, PDF, PICT or DWF files. This vulnerability can be exploited to execute arbitrary code.

Reference Links(if available):

  • https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003
  • https://www.zerodayinitiative.com/advisories/ZDI-21-1140/
  • https://www.zerodayinitiative.com/advisories/ZDI-21-1136/
  • https://www.zerodayinitiative.com/advisories/ZDI-21-1135/
  • https://www.zerodayinitiative.com/advisories/ZDI-21-1134/
  • CVSS Score (if available)

    v2: / MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P

    v3: / HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

    Links to Exploits(if available)

  • Available for Amazon Prime