7 matches found
CVE-2021-40163
CVE-2021-40163 is a memory corruption vulnerability in Autodesk Image Processing component that can lead to code execution via a malicious DLL. The NVD entry notes local attack vector, user interaction required, with a base score of 7.8 (HIGH). The issue is repeatedly described across sources as ...
CVE-2021-40166
CVE-2021-40166 affects Autodesk Image Processing: parsing of a malicious PNG can trigger a use-after-free by freeing an object that has already been freed, potentially allowing arbitrary code execution. Documented impact is arbitrary code execution; no specific remediation/version fixes are state...
CVE-2021-40162
CVE-2021-40162 affects Autodesk Image Processing: a vulnerability where parsing TIFF/PICT/TGA/RLC files may cause reads beyond allocated boundaries, enabling arbitrary code execution. Root cause is in the image-processing component's handling of external image formats. Impact is high (AV Local, U...
CVE-2021-40164
This CVE affects Autodesk Image Processing. A heap-based buffer overflow can occur while parsing TIFF, PICT, TGA, or RLC files, enabling arbitrary code execution. Root cause: improper handling during image parsing. Impact is high per sources; exploitation is possible when processing malformed ima...
CVE-2021-40165
Summary: CVE-2021-40165 affects Autodesk Image Processing components. A crafted TIFF/PICT/TGA/RLC file can cause a write past the allocated buffer during parsing, potentially allowing arbitrary code execution. The CVSSv3.1 base score is 7.8 (HIGH) with LOCAL attack vector, low attack complexity, ...
CVE-2025-1276
CVE-2025-1276 : A maliciously crafted DWG file, when parsed by Autodesk applications, can trigger an Out-of-Bounds Write vulnerability. Impacted behavior includes a crash, data corruption, or arbitrary code execution in the context of the affected process. The root cause is an out-of-bounds write...
CVE-2025-5039
The CVE-2025-5039 issue is described as a vulnerability in Autodesk applications where loading files with a maliciously crafted binary can trigger arbitrary code execution in the current process due to an untrusted search path. Affected products include Autodesk Navisworks Manage and other Autode...