Unrated severityNVD Advisory· Published Jul 23, 2014· Updated May 6, 2026

CVE-2014-3938

Description

Integer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer mask data in a PSD file, which triggers a heap-based buffer overflow.

Affected products

Autodesk/Sketchbook Pro2 versions
cpe:2.3:a:autodesk:sketchbook_pro:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:autodesk:sketchbook_pro:*:*:*:*:*:*:*:*range: <=6.2.5
- cpe:2.3:a:autodesk:sketchbook_pro:6.2.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/58000nvd
secunia.com/secunia_research/2014-6/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.008
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000