Autodesk: >> Infraworks >> 2021.2 Security Vulnerabilities
A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-05-12
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-10-07
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-10-07
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-10-07
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-10-07
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-10-07