The host is installed with Autodesk Design Review 2011, 2012, 2013, 2017 or 2018 14.x before 14.0.3.195 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle PICT or TIFF files. Successful exploitation could allow attackers to execute arbitrary code.