This vulnerability can be exploited by remote attackers to execute arbitrary code. CVE-2021-27037 – A maliciously crafted PNG, PDF or DWF file can be used to attempt to free an object that has already been freed while parsing them. ![]() This vulnerability can be exploited to execute arbitrary code. CVE-2021-27036 – A maliciously crafted PDF, PICT, or TIFF file can be used to write beyond the allocated buffer while parsing PDF, PICT, or TIFF files.CVE-2021-27035 – A maliciously crafted TIFF, PDF, PICT or DWF files can be forced to read beyond allocated boundaries when parsing the TIFF, PDF, PICT or DWF files.CVE-2021-27034 – A heap-based buffer overflow could occur while parsing PICT or TIFF files.User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. CVE-2021-27033 – A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review.When corporate employees run the file, the attacker can directly execute arbitrary code on the employee’s host, thereby breaking through the corporate defense strategy and directly invading the corporate office network segment. Attackers usually use social engineering methods to disguise their identities as job applicants and other identities to send files containing malicious code to corporate employees. Autodesk products are usually used on employee office machines on corporate intranets.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |