CVE-2021-27033 Information

Description

A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review 2018 2017 2013 2012 2011. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8