A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
References
| Link | Resource |
|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0009 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
08 Aug 2022, 17:56
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| CWE | CWE-415 | |
| CPE | cpe:2.3:a:autodesk:design_review:2011:-:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2017:-:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2018:hotfix4:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2018:hotfix5:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2013:-:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2012:-:*:*:*:*:*:* cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:* |
|
| References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0009 - Patch, Vendor Advisory |
29 Jul 2022, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-07-29 20:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-27864
Mitre link : CVE-2022-27864
CVE.ORG link : CVE-2022-27864
JSON object : View
Products Affected
autodesk
- design_review
CWE
CWE-415
Double Free