253 matches found
CVE-2015-8571
Integer overflow in Autodesk Design Review ADR before 2013 Hotfix 2 allows remote attackers to execute arbitrary code via a crafted biClrUsed value in a BMP file, which triggers a buffer overflow...
CVE-2015-8572
CVE-2015-8572 affects Autodesk Design Review (ADR). Public details describe multiple buffer overflow vulnerabilities in ADR prior to the 2013 Hotfix 2, exploitable via crafted image data: (1) BMP or (2) FLI files, (3) encoded scan lines in PCX files, or (4) DataSubBlock or (5) GlobalColorTable in...
CVE-2015-8572
Multiple buffer overflows in Autodesk Design Review ADR before 2013 Hotfix 2 allow remote attackers to execute arbitrary code via crafted RLE data in a 1 BMP or 2 FLI file, 3 encoded scan lines in a PCX file, or 4 DataSubBlock or 5 GlobalColorTable in a GIF file...
Autodesk Design Review GIF GlobalColorTable Remote Code Execution Vulnerability
Autodesk Design Review is free DWF viewer software. A security vulnerability exists in Autodesk Design Review's handling of GIF files due to the rendering of GlobalColorTable when not specified. An attacker can exploit this vulnerability to execute arbitrary code in the context of the current...
Autodesk Design Review BMP biClrUsed Remote Code Execution Vulnerability
Autodesk Design Review is free DWF viewer software. Autodesk Design Review suffers from a security vulnerability in the handling of BMP files due to an integer overflow test failure when multiplying the biClrUsed value by four. An attacker could exploit this vulnerability to execute arbitrary cod...
Autodesk Design Review PCX Remote Code Execution Vulnerability
Autodesk Design Review is free DWF viewer software. Autodesk Design Review suffers from a security vulnerability in the processing of PCX files due to a scanline decoding failure in an allocated buffer. An attacker could exploit this vulnerability to execute arbitrary code in the context of the...
Autodesk Design Review FLI RLE Remote Code Execution Vulnerability
Autodesk Design Review is free DWF viewer software. A security vulnerability exists in Autodesk Design Review's handling of FLI files due to a failure to ensure that execution length encoded data is written outside of an allocated buffer. An attacker could exploit this vulnerability to execute...
Autodesk Design Review GIF DataSubBlock Remote Code Execution Vulnerability
Autodesk Design Review is free DWF viewer software. A security vulnerability exists in Autodesk Design Review's handling of GIF files due to a failure to ensure that the size of the DataSubBlock is valid. An attacker could exploit this vulnerability to execute arbitrary code in the context of the...
Autodesk Design Review BMP RLE Remote Code Execution Vulnerability
Autodesk Design Review is free DWF viewer software. A security vulnerability exists in Autodesk Design Review's handling of BMP files due to a failure to ensure that run-length encoded data is written outside of an allocated buffer. An attacker could exploit this vulnerability to execute arbitrar...
Autodesk Design Review FLI RLE Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Autodesk Design Review PCX Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Autodesk Design Review BMP RLE Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Autodesk Design Review BMP biClrUsed Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Autodesk Design Review GIF DataSubBlock Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Autodesk Design Review GIF GlobalColorTable Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
KLA10725 Code execution vulnerabilities in Aurodesk Design Review
Multiple serious vulnerabilities have been found in Autodesk Design Review. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities 1. Integer overflow can be exploited remotely via a specially designed BMP file; 2. Buffer overflows...
Autodesk Design Review Installed
Binary data autodeskdrinstalled.nbin...
Autodesk Design Review AdView.AdViewer ActiveX Control RCE
The remote host contains the AdView.AdViewer ActiveX control, distributed with Autodesk Design Review, that is affected by a remote code execution vulnerability due to improper parsing of DWF files. An unauthenticated, remote attacker can exploit this, via a specially crafted file or website, to...
CVE-2014-9268
The AdView.AdViewer.1 ActiveX control in Autodesk Design Review ADR before 2013 Hotfix 1 allows remote attackers to execute arbitrary code via a crafted DWF file...
Code injection
The AdView.AdViewer.1 ActiveX control in Autodesk Design Review ADR before 2013 Hotfix 1 allows remote attackers to execute arbitrary code via a crafted DWF file...