Описание
Multiple serious vulnerabilities have been found in Autodesk Design Review. Malicious users can exploit these vulnerabilities to execute arbitrary code.
Below is a complete list of vulnerabilities
- Integer overflow can be exploited remotely via a specially designed BMP file;
- Buffer overflows can be exploited remotely via a specially designed BMP, FLI, PCX or GIF files.
Technical details
Vulnerability (1) can be triggered via biClrUsed value.
Vulnerability (2) can be triggered via RLE data in BMP or FLI files, encoded scan lines in PCX file or DataSubBlock or GlobalColorTable in GIF file.
Первичный источник обнаружения
Связанные продукты
Список CVE
- CVE-2015-8571 high
- CVE-2015-8572 high
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!