CVE-2021-40160

Summary

PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
n/aRevit, Navisworks, Autodesk® Advance Steel, AutoCAD®, AutoCAD® Architecture, AutoCAD® Electrical, AutoCAD® Map 3D, AutoCAD® Mechanical, AutoCAD® MEP, AutoCAD® Plant 3D, AutoCAD® LT, Autodesk® Civil 3D, AutoCAD® Mac, AutoCAD® LT for Macprior to 9.0.7affected

Weaknesses

  • Out-of-bound Read Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References