#VU54343 Out-of-bounds read in Autodesk Design Review - CVE-2021-27035

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary condition when processing TIFF, PDF, PICT, TGA, PCX or DWF files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Remediation

External links

• https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0003
• https://www.zerodayinitiative.com/advisories/ZDI-21-753/
• https://www.zerodayinitiative.com/advisories/ZDI-21-752/
• https://www.zerodayinitiative.com/advisories/ZDI-21-751/
• https://www.zerodayinitiative.com/advisories/ZDI-21-750/
• https://www.zerodayinitiative.com/advisories/ZDI-21-749/
• https://www.zerodayinitiative.com/advisories/ZDI-21-742/
• https://www.zerodayinitiative.com/advisories/ZDI-21-741/
• https://www.zerodayinitiative.com/advisories/ZDI-21-739/
• https://www.zerodayinitiative.com/advisories/ZDI-21-738/
• https://www.zerodayinitiative.com/advisories/ZDI-21-737/
• https://www.zerodayinitiative.com/advisories/ZDI-21-736/
• https://www.zerodayinitiative.com/advisories/ZDI-21-731/
• https://www.zerodayinitiative.com/advisories/ZDI-21-727/
• https://www.zerodayinitiative.com/advisories/ZDI-21-726/
• https://www.zerodayinitiative.com/advisories/ZDI-21-724/
• https://www.zerodayinitiative.com/advisories/ZDI-21-723/
• https://www.zerodayinitiative.com/advisories/ZDI-21-1140/
• https://www.zerodayinitiative.com/advisories/ZDI-21-1139/
• https://www.zerodayinitiative.com/advisories/ZDI-21-1137/
• https://www.zerodayinitiative.com/advisories/ZDI-21-1136/
• https://www.zerodayinitiative.com/advisories/ZDI-21-1135/
• https://www.zerodayinitiative.com/advisories/ZDI-21-1134/
• https://www.zerodayinitiative.com/advisories/ZDI-21-1133/
• https://www.zerodayinitiative.com/advisories/ZDI-22-481/
• https://www.zerodayinitiative.com/advisories/ZDI-22-480/