Design Review
by Autodesk
CVEs (34)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-4472 | 0.04 | — | 0.08 | Oct 7, 2008 | The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method. | |||
| CVE-2008-4471 | 0.04 | — | 0.07 | Oct 7, 2008 | Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via "..\" sequences in the… | |||
| CVE-2022-42933 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the… | |||
| CVE-2022-42938 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||
| CVE-2022-41309 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the… | |||
| CVE-2022-42943 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current… | |||
| CVE-2022-42939 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||
| CVE-2022-42941 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current… | |||
| CVE-2022-42936 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the… | |||
| CVE-2022-42935 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the… | |||
| CVE-2022-42934 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the… | |||
| CVE-2022-42937 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the… | |||
| CVE-2022-42944 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current… | |||
| CVE-2022-42942 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current… | |||
| CVE-2022-42940 | 0.00 | — | 0.00 | Oct 21, 2022 | A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||
| CVE-2022-41306 | 0.00 | — | 0.00 | Oct 14, 2022 | A maliciously crafted PCT file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current… | |||
| CVE-2022-33889 | 0.00 | — | 0.00 | Oct 3, 2022 | A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution. | |||
| CVE-2022-33890 | 0.00 | — | 0.00 | Oct 3, 2022 | A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the… | |||
| CVE-2022-27866 | 0.00 | — | 0.00 | Jul 29, 2022 | A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the… | |||
| CVE-2022-27865 | 0.00 | — | 0.00 | Jul 29, 2022 | A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to execute arbitrary code. |
- CVE-2008-4472Oct 7, 2008risk 0.04cvss —epss 0.08
The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method.
- CVE-2008-4471Oct 7, 2008risk 0.04cvss —epss 0.07
Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via "..\" sequences in the…
- CVE-2022-42933Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the…
- CVE-2022-42938Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
- CVE-2022-41309Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the…
- CVE-2022-42943Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current…
- CVE-2022-42939Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
- CVE-2022-42941Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current…
- CVE-2022-42936Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the…
- CVE-2022-42935Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the…
- CVE-2022-42934Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the…
- CVE-2022-42937Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the…
- CVE-2022-42944Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current…
- CVE-2022-42942Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current…
- CVE-2022-42940Oct 21, 2022risk 0.00cvss —epss 0.00
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
- CVE-2022-41306Oct 14, 2022risk 0.00cvss —epss 0.00
A maliciously crafted PCT file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current…
- CVE-2022-33889Oct 3, 2022risk 0.00cvss —epss 0.00
A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution.
- CVE-2022-33890Oct 3, 2022risk 0.00cvss —epss 0.00
A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the…
- CVE-2022-27866Jul 29, 2022risk 0.00cvss —epss 0.00
A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the…
- CVE-2022-27865Jul 29, 2022risk 0.00cvss —epss 0.00
A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to execute arbitrary code.
Page 1 of 2