CVE-2021-27037
Summary
| CVE | CVE-2021-27037 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-07-09 15:15:00 UTC |
| Updated | 2022-05-12 16:38:00 UTC |
| Description | A maliciously crafted PNG, PDF or DWF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by remote malicious actors to execute arbitrary code. |
Risk And Classification
Problem Types: CWE-416
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Autodesk | Design Review | 2011 | All | All | All |
| Application | Autodesk | Design Review | 2012 | All | All | All |
| Application | Autodesk | Design Review | 2013 | All | All | All |
| Application | Autodesk | Design Review | 2017 | All | All | All |
| Application | Autodesk | Design Review | 2018 | All | All | All |
| Application | Autodesk | Design Review | 2018 | - | All | All |
| Application | Autodesk | Design Review | 2018 | hotfix | All | All |
| Application | Autodesk | Design Review | 2018 | hotfix2 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| ZDI-22-459 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| Security Advisories | Autodesk Trust Center | MISC | www.autodesk.com | |
| Security Advisories | Autodesk Trust Center | MISC | www.autodesk.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 375926 Autodesk Design Review Multiple Vulnerabilities (ADSK-SA-2021-0003)