Lucene search
HistoryDec 08, 2014 - 4:59 p.m.
CVE-2014-9268
cve-2014-9268
adview
adviewer
activex control
autodesk design review
adr
remote code execution
crafted dwf file
security vulnerability
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.082 Low
EPSS
Percentile
94.4%
The AdView.AdViewer.1 ActiveX control in Autodesk Design Review (ADR) before 2013 Hotfix 1 allows remote attackers to execute arbitrary code via a crafted DWF file.
Affected configurations
Node
autodeskdesign_reviewRange≤2013
| CPE | Name | Operator | Version |
|---|---|---|---|
| autodesk:design_review | autodesk design review | le | 2013 |
Related
nvd
nvd
CVE-2014-9268
2014-12-08 16:59:09
zdi
zdi
Autodesk Design Review AdView.AdViewer.1 Remote Code Execution Vulnerability
2014-12-04 00:00:00
cvelist
cvelist
CVE-2014-9268
2014-12-08 16:00:00
nessus
nessus
Autodesk Design Review AdView.AdViewer ActiveX Control RCE
2015-02-12 00:00:00
prion
prion
Code injection
2014-12-08 16:59:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.082 Low
EPSS
Percentile
94.4%
Related for CVE-2014-9268