Kaspersky ID:
KLA10725
Detect Date:
10/28/2015
Updated:
06/03/2020

Description

Multiple serious vulnerabilities have been found in Autodesk Design Review. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities

  1. Integer overflow can be exploited remotely via a specially designed BMP file;
  2. Buffer overflows can be exploited remotely via a specially designed BMP, FLI, PCX or GIF files.

Technical details

Vulnerability (1) can be triggered via biClrUsed value.

Vulnerability (2) can be triggered via RLE data in BMP or FLI files, encoded scan lines in PCX file or DataSubBlock or GlobalColorTable in GIF file.

Original advisories

Related products

CVE list

  • CVE-2015-8571
    high
  • CVE-2015-8572
    high

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky IT Security Calculator
Calculate
Check now
Learn more about cybersecurity on Kaspersky Encyclopedia
For free
Learn more
Confirm changes?
Your message has been sent successfully.