8.8
CVE-2022-27864
- EPSS 0.86%
- Veröffentlicht 29.07.2022 20:15:12
- Zuletzt bearbeitet 21.11.2024 06:56:21
- Quelle psirt@autodesk.com
- CVE-Watchlists
- Unerledigt
LoginA Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Autodesk ≫ Design Review Version2011 Update-
Autodesk ≫ Design Review Version2012 Update-
Autodesk ≫ Design Review Version2013 Update-
Autodesk ≫ Design Review Version2017 Update-
Autodesk ≫ Design Review Version2018 Update-
Autodesk ≫ Design Review Version2018 Updatehotfix
Autodesk ≫ Design Review Version2018 Updatehotfix2
Autodesk ≫ Design Review Version2018 Updatehotfix3
Autodesk ≫ Design Review Version2018 Updatehotfix4
Autodesk ≫ Design Review Version2018 Updatehotfix5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.86% | 0.742 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-415 Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.