Lucene search

[email protected]CVE-2015-8572

HistoryDec 15, 2015 - 9:59 p.m.

CVE-2015-8572

2015-12-1521:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

2015

8572

buffer overflows

autodesk design review

adr

remote attackers

arbitrary code

rle data

bmp

fli

pcx file

gif file

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.038 Low

EPSS

Percentile

91.9%

JSON

Multiple buffer overflows in Autodesk Design Review (ADR) before 2013 Hotfix 2 allow remote attackers to execute arbitrary code via crafted RLE data in a (1) BMP or (2) FLI file, (3) encoded scan lines in a PCX file, or (4) DataSubBlock or (5) GlobalColorTable in a GIF file.

CPENameOperatorVersion
autodesk:design_reviewautodesk design revieweq2013

CPE	Name	Operator	Version
autodesk:design_review	autodesk design review	eq	2013

References

www.zerodayinitiative.com/advisories/ZDI-15-615

www.zerodayinitiative.com/advisories/ZDI-15-616

www.zerodayinitiative.com/advisories/ZDI-15-618

www.zerodayinitiative.com/advisories/ZDI-15-619

www.zerodayinitiative.com/advisories/ZDI-15-620

knowledge.autodesk.com/support/design-review/downloads/caas/downloads/content/autodesk-design-review-2013-hotfix.html

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.038 Low

EPSS

Percentile

91.9%

JSON

Related for CVE-2015-8572

checkpoint_advisories1 zdi5 prion1 cvelist1 kaspersky1 nessus1