Описание
A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:autodesk:design_review:2011:-:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2012:-:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2013:-:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2017:-:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2018:hotfix4:*:*:*:*:*:*
cpe:2.3:a:autodesk:design_review:2018:hotfix5:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00855
Низкий
8.8 High
CVSS3
Дефекты
CWE-415
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
EPSS
Процентиль: 75%
0.00855
Низкий
8.8 High
CVSS3
Дефекты
CWE-415