A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBX’s Review version 1.5.0 and prior causing it to run arbitrary code on the system.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001 | Patch Vendor Advisory |
Configurations
History
16 Jun 2022, 21:07
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001 - Patch, Vendor Advisory | |
CWE |
03 May 2022, 16:04
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-119 |
18 Apr 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
27 Sep 2021, 19:27
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:autodesk:fbx_review:*:*:*:*:*:*:*:* | |
CWE | CWE-476 | |
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : 7.8 |
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0002 - Not Applicable |
15 Sep 2021, 15:35
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-09-15 15:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-40157
Mitre link : CVE-2021-40157
CVE.ORG link : CVE-2021-40157
JSON object : View
Products Affected
autodesk
- fbx_review
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer