CVE-2021-27031

Sažetak

A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in FBX's Review causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system.

Reference

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001
https://www.zerodayinitiative.com/advisories/ZDI-21-468/
https://www.zerodayinitiative.com/advisories/ZDI-21-1069/

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

16-09-2021 - 13:21

Objavljeno

19-04-2021 - 16:15