9 matches found
CVE-2021-40163
CVE-2021-40163 is a memory corruption vulnerability in Autodesk Image Processing component that can lead to code execution via a malicious DLL. The NVD entry notes local attack vector, user interaction required, with a base score of 7.8 (HIGH). The issue is repeatedly described across sources as ...
CVE-2023-25003
CVE-2023-25003 affects Autodesk AutoCAD 2023 and Autodesk Maya 2022 via a malicious pskernel.dll that enables out-of-bounds read/write conditions, potentially leading to code execution. The issue is caused by a vulnerability in the pskernel.dll handling, with exploitation implied by references to...
CVE-2021-40166
CVE-2021-40166 affects Autodesk Image Processing: parsing of a malicious PNG can trigger a use-after-free by freeing an object that has already been freed, potentially allowing arbitrary code execution. Documented impact is arbitrary code execution; no specific remediation/version fixes are state...
CVE-2023-29068
CVE-2023-29068 : A maliciously crafted file consumed through the Autodesk pskernel.dll can cause memory corruption, which in conjunction with other vulnerabilities could lead to code execution in the context of the current process. The issue is associated with Autodesk products using pskernel.dll...
CVE-2021-40162
CVE-2021-40162 affects Autodesk Image Processing: a vulnerability where parsing TIFF/PICT/TGA/RLC files may cause reads beyond allocated boundaries, enabling arbitrary code execution. Root cause is in the image-processing component's handling of external image formats. Impact is high (AV Local, U...
CVE-2021-40164
This CVE affects Autodesk Image Processing. A heap-based buffer overflow can occur while parsing TIFF, PICT, TGA, or RLC files, enabling arbitrary code execution. Root cause: improper handling during image parsing. Impact is high per sources; exploitation is possible when processing malformed ima...
CVE-2021-40165
Summary: CVE-2021-40165 affects Autodesk Image Processing components. A crafted TIFF/PICT/TGA/RLC file can cause a write past the allocated buffer during parsing, potentially allowing arbitrary code execution. The CVSSv3.1 base score is 7.8 (HIGH) with LOCAL attack vector, low attack complexity, ...
CVE-2023-25004
CVE-2023-25004 involves a maliciously crafted pskernel.dll in Autodesk products that triggers an integer overflow vulnerability, potentially enabling code execution. Connected advisories document affected Autodesk components such as InfraWorks and VRED variants and describe exploitation possibili...
CVE-2023-25005
CVE-2023-25005 affects Autodesk InfraWorks 2021–2023. A malicious DLL can cause reads beyond allocated boundaries when parsing DLLs, leading to a resource injection issue. Some sources describe use-after-free pathways that may enable code execution. Remediation is provided by Autodesk via securit...