CVE-2022-27864

A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Published: Jul 29, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-27864
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-415

Affected Software
References

Software	From	Fixed in
autodesk / design_review	2018-hotfix	2018-hotfix.x
autodesk / design_review	2018-hotfix2	2018-hotfix2.x
autodesk / design_review	2018-hotfix3	2018-hotfix3.x
autodesk / design_review	2018-hotfix4	2018-hotfix4.x
autodesk / design_review	2018	2018.x
autodesk / design_review	2018-hotfix5	2018-hotfix5.x
autodesk / design_review	2017	2017.x
autodesk / design_review	2013	2013.x
autodesk / design_review	2012	2012.x
autodesk / design_review	2011	2011.x

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0009

Vulnerability Database

289,697

CVE-2022-27864