Vulnerability Details CVE-2021-40160
PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.8%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
Products affected by CVE-2021-40160
-
cpe:2.3:a:autodesk:advance_steel:2022
-
cpe:2.3:a:autodesk:advance_steel:2022.0.1
-
cpe:2.3:a:autodesk:autocad:2022
-
cpe:2.3:a:autodesk:autocad:2022.0.1
-
cpe:2.3:a:autodesk:autocad:2022.1
-
cpe:2.3:a:autodesk:autocad_architecture:2022
-
cpe:2.3:a:autodesk:autocad_architecture:2022.0.1
-
cpe:2.3:a:autodesk:autocad_electrical:2022
-
cpe:2.3:a:autodesk:autocad_electrical:2022.0.1
-
cpe:2.3:a:autodesk:autocad_lt:2022
-
cpe:2.3:a:autodesk:autocad_lt:2022.0.1
-
cpe:2.3:a:autodesk:autocad_lt:2022.1
-
cpe:2.3:a:autodesk:autocad_map_3d:2022
-
cpe:2.3:a:autodesk:autocad_map_3d:2022.0.1
-
cpe:2.3:a:autodesk:autocad_mechanical:2022
-
cpe:2.3:a:autodesk:autocad_mechanical:2022.0.1
-
cpe:2.3:a:autodesk:autocad_mep:2022
-
cpe:2.3:a:autodesk:autocad_mep:2022.0.1
-
cpe:2.3:a:autodesk:autocad_plant_3d:2022
-
cpe:2.3:a:autodesk:autocad_plant_3d:2022.0.1
-
cpe:2.3:a:autodesk:civil_3d:2022
-
cpe:2.3:a:autodesk:civil_3d:2022.0.1
-
cpe:2.3:a:autodesk:design_review:2018
-
cpe:2.3:a:autodesk:navisworks:2019
-
cpe:2.3:a:autodesk:navisworks:2019.3
-
cpe:2.3:a:autodesk:navisworks:2019.4
-
cpe:2.3:a:autodesk:navisworks:2020
-
cpe:2.3:a:autodesk:navisworks:2020.1
-
cpe:2.3:a:autodesk:navisworks:2020.2
-
cpe:2.3:a:autodesk:navisworks:2020.3
-
cpe:2.3:a:autodesk:navisworks:2021
-
cpe:2.3:a:autodesk:navisworks:2021.1
-
cpe:2.3:a:autodesk:navisworks:2021.2
-
cpe:2.3:a:autodesk:navisworks:2022
-
cpe:2.3:a:autodesk:revit:2020
-
cpe:2.3:a:autodesk:revit:2021
-
cpe:2.3:a:autodesk:revit:2021.1.1
-
cpe:2.3:a:autodesk:revit:2021.1.2
-
cpe:2.3:a:autodesk:revit:2021.1.3
-
cpe:2.3:a:autodesk:revit:2022
-
cpe:2.3:a:autodesk:revit:2022.0.1