Lucene search

[email protected]CVE-2014-3939

HistoryJul 23, 2014 - 2:55 p.m.

CVE-2014-3939

2014-07-2314:55:06

CWE-119

[email protected]

web.nvd.nist.gov

cve-2014-3939

heap-based buffer overflow

autodesk sketchbook pro

remote code execution

pxd file

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

High

0.028 Low

EPSS

Percentile

90.7%

JSON

Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer bitmap data in a PXD file.

Affected configurations

NVD

Node

autodesksketchbook_proRange≤6.2.5

autodesksketchbook_proMatch6.2.4

CPENameOperatorVersion
autodesk:sketchbook_proautodesk sketchbook prole6.2.5
autodesk:sketchbook_proautodesk sketchbook proeq6.2.4

CPE	Name	Operator	Version
autodesk:sketchbook_pro	autodesk sketchbook pro	le	6.2.5
autodesk:sketchbook_pro	autodesk sketchbook pro	eq	6.2.4

References

secunia.com/advisories/58000

secunia.com/secunia_research/2014-7/

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

High

0.028 Low

EPSS

Percentile

90.7%

JSON

Related for CVE-2014-3939

nvd1 prion1 cvelist1 nessus2