Autodesk SketchBook Pro < 6.2.6 Multiple Overflow Vulnerabilities

High Nessus Plugin ID 77370


The remote host has a graphics editing application installed that is affected by multiple overflow vulnerabilities.


The version of Autodesk SketchBook Pro installed on the remote host is prior to 6.2.6. It is, therefore, affected by integer and heap-based buffer overflow vulnerabilities. Using a specially crafted PSD or PXD file, an attacker could cause a denial of service or execute arbitrary code.


Upgrade to SketchBook Pro 6.2.6 or later.

See Also

Plugin Details

Severity: High

ID: 77370

File Name: autodesk_sketchbook_pro_CVE-2014-3938.nasl

Version: $Revision: 1.1 $

Type: local

Agent: windows

Family: Windows

Published: 2014/08/25

Modified: 2014/08/25

Dependencies: 77367

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:autodesk:sketchbook, cpe:/a:autodesk:sketchbook_pro

Required KB Items: SMB/Registry/Enumerated, installed_sw/Autodesk SketchBook

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/07/08

Vulnerability Publication Date: 2014/07/18

Reference Information

CVE: CVE-2014-3938, CVE-2014-3939

BID: 68887

OSVDB: 109275, 109276