Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for storm_and_sanitary_analysis by autodesk

    CVE-2021-40166 (GCVE-0-2021-40166)

    Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Use-After-Free
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.562Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use-After-Free",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40166",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.562Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40165 (GCVE-0-2021-40165)

    Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Buffer Overflow
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.537Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40165",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.537Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40164 (GCVE-0-2021-40164)

    Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Heap-based Overflow
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.502Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Heap-based Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40164",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.502Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40163 (GCVE-0-2021-40163)

    Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
    Severity
    No CVSS data available.
    CWE
    • Memory Corruption
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.853Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40163",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.853Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40162 (GCVE-0-2021-40162)

    Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Out-of-Band Read
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.539Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-Band Read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40162",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.539Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40166 (GCVE-0-2021-40166)

    Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Use-After-Free
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.562Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use-After-Free",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40166",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.562Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40162 (GCVE-0-2021-40162)

    Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Out-of-Band Read
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.539Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-Band Read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40162",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.539Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40165 (GCVE-0-2021-40165)

    Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Buffer Overflow
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.537Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40165",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.537Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40164 (GCVE-0-2021-40164)

    Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Heap-based Overflow
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.502Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Heap-based Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40164",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.502Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40163 (GCVE-0-2021-40163)

    Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
    Severity
    No CVSS data available.
    CWE
    • Memory Corruption
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.853Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40163",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.853Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }