9 matches found
CVE-2022-25794
Autodesk FBX Review (versions 1.5.2 and earlier) is affected by an Out-of-Bounds Read vulnerability in the ABC file parsing path. The issue can allow reading beyond allocated memory when processing ActionScript Byte Code (ABC) files, potentially leading to information disclosure and, in conjuncti...
CVE-2021-27027
Autodesk FBX Review is affected (versions 1.5.0 and prior) by an Out-of-Bounds read/write vulnerability in FBX file parsing. The issue can lead to arbitrary code execution or information disclosure; exploitation requires user interaction (e.g., opening a crafted FBX file) and is associated with Z...
CVE-2021-27028
CVE-2021-27028 is a memory corruption vulnerability in Autodesk FBX Review (versions up to 1.5.0) that can lead to remote code execution when processing crafted DLLs. The vulnerability lies in the FBX file parsing path, as described by multiple sources (ZDI advisories and vendor notices), which c...
CVE-2021-40157
Autodesk FBX Review is affected by CVE-2021-40157 due to an Untrusted Pointer Dereference in the FBX Review parser. The issue occurs when processing FBX files (DAE/FBX) and can allow arbitrary code execution on the target system. Affected version: FBX Review 1.5.0 and prior. Exploitation requires...
CVE-2021-27044
Autodesk FBX Review 1.4.0 is affected by an Out-of-Bounds Read/Write vulnerability in FBX file parsing that can lead to remote code execution or information disclosure. Multiple connected sources corroborate a memory corruption issue when parsing FBX content, exploitable via malicious DLLs, with ...
CVE-2021-27030
Autodesk FBX Review contains a directory traversal vulnerability in its ZIP file parsing that can lead to Remote Code Execution when a user opens a malicious FBX file. The flaw exists in FBX Review versions around 1.4.1.0; exploitation requires user interaction (the target must open a crafted FBX...
CVE-2021-27031
CVE-2021-27031 affects Autodesk FBX Review. The vulnerability is a use-after-free flaw in FBX Review’s file parsing (FBX/DAE) that can allow remote code execution when a user opens a malicious FBX file. Exploitation requires user interaction (e.g., opening a malicious file/page). Current connecte...
CVE-2024-23139
Autodesk FBX Review is affected by CVE-2024-23139 through parsing of ActionScript Byte Code ABC files. The issue is an out-of-bounds write in the ABC file parser that can crash, corrupt data, or allow arbitrary code execution in the process context. Affected are Autodesk FBX Review versions 1.5.3...
CVE-2021-27029
Autodesk FBX Review CVE-2021-27029 affects FBX Review (versions up to and including 1.5.0; some sources reference 1.4.1.0). The vulnerability is a null pointer dereference in the FBX file parsing code, triggered when a user is tricked into opening a malicious FBX file. Impact is a crash; some sou...