Design Review
CVE-2015-8571
MEDIUM
Severity by source
AV:N/AC:M/Au:N/C:P/I:P/A:P
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:M/Au:N/C:P/I:P/A:P
Lifecycle Timeline
1DescriptionCVE.org
Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 allows remote attackers to execute arbitrary code via a crafted biClrUsed value in a BMP file, which triggers a buffer overflow.
AnalysisAI
Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 allows remote attackers to execute arbitrary code via a crafted biClrUsed value in a BMP file, which triggers a buffer overflow. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-189. Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 allows remote attackers to execute arbitrary code via a crafted biClrUsed value in a BMP file, which triggers a buffer overflow. Affected products include: Autodesk Design Review. Version information: before 2013.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Design Review
View allA maliciously crafted PDF file, when opened by a user in Autodesk Design Review, can trigger a Double Free vulnerability
A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PD
Multiple buffer overflows in Autodesk Design Review (ADR) before 2013 Hotfix 2 allow remote attackers to execute arbitra
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerab
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerab
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerab
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption
Same weakness CWE-189 – Numeric Errors
View allShare
External POC / Exploit Code
Leaving vuln.today