CVE-2015-8572
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
15/12/2015
Last modified:
12/04/2025
Description
Multiple buffer overflows in Autodesk Design Review (ADR) before 2013 Hotfix 2 allow remote attackers to execute arbitrary code via crafted RLE data in a (1) BMP or (2) FLI file, (3) encoded scan lines in a PCX file, or (4) DataSubBlock or (5) GlobalColorTable in a GIF file.
Impact
Base Score 2.0
6.80
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:autodesk:design_review:2013:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.zerodayinitiative.com/advisories/ZDI-15-615
- http://www.zerodayinitiative.com/advisories/ZDI-15-616
- http://www.zerodayinitiative.com/advisories/ZDI-15-618
- http://www.zerodayinitiative.com/advisories/ZDI-15-619
- http://www.zerodayinitiative.com/advisories/ZDI-15-620
- https://knowledge.autodesk.com/support/design-review/downloads/caas/downloads/content/autodesk-design-review-2013-hotfix.html
- http://www.zerodayinitiative.com/advisories/ZDI-15-615
- http://www.zerodayinitiative.com/advisories/ZDI-15-616
- http://www.zerodayinitiative.com/advisories/ZDI-15-618
- http://www.zerodayinitiative.com/advisories/ZDI-15-619
- http://www.zerodayinitiative.com/advisories/ZDI-15-620
- https://knowledge.autodesk.com/support/design-review/downloads/caas/downloads/content/autodesk-design-review-2013-hotfix.html