Lucene search

K

[email protected]NVD:CVE-2015-8572

HistoryDec 15, 2015 - 9:59 p.m.

CVE-2015-8572

2015-12-1521:59:13

CWE-119

[email protected]

web.nvd.nist.gov

1

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.063 Low

EPSS

Percentile

93.7%

Multiple buffer overflows in Autodesk Design Review (ADR) before 2013 Hotfix 2 allow remote attackers to execute arbitrary code via crafted RLE data in a (1) BMP or (2) FLI file, (3) encoded scan lines in a PCX file, or (4) DataSubBlock or (5) GlobalColorTable in a GIF file.

Affected configurations

NVD

Node

autodeskdesign_reviewMatch2013

References

www.zerodayinitiative.com/advisories/ZDI-15-615

www.zerodayinitiative.com/advisories/ZDI-15-616

www.zerodayinitiative.com/advisories/ZDI-15-618

www.zerodayinitiative.com/advisories/ZDI-15-619

www.zerodayinitiative.com/advisories/ZDI-15-620

knowledge.autodesk.com/support/design-review/downloads/caas/downloads/content/autodesk-design-review-2013-hotfix.html

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.063 Low

EPSS

Percentile

93.7%

Related for NVD:CVE-2015-8572

zdi5 prion1 cvelist1 cve1 checkpoint_advisories1 kaspersky1 nessus1