CVE-2021-27033

A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review 2018, 2017, 2013, 2012, 2011. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Published: Jul 9, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-27033
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-415

Affected Software
References

Software	From	Fixed in
autodesk / design_review	2013	2013.x
autodesk / design_review	2012	2012.x
autodesk / design_review	2018	2018.x
autodesk / design_review	2011	2011.x
autodesk / design_review	2017	2017.x

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004

Vulnerability Database

289,697

CVE-2021-27033