CVE-2021-27037: Use After Free
First published: Fri Jul 09 2021(Updated: )
A maliciously crafted PNG, PDF or DWF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by remote malicious actors to execute arbitrary code.
Credit: psirt@autodesk.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Autodesk Design Review | =2011 | |
| Autodesk Design Review | =2012 | |
| Autodesk Design Review | =2013 | |
| Autodesk Design Review | =2017 | |
| Autodesk Design Review | =2018 | |
| Autodesk Design Review | =2018-hotfix | |
| Autodesk Design Review | =2018-hotfix2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-27037?
CVE-2021-27037 is a vulnerability in Autodesk Design Review 2018, 2017, 2013, 2012, and 2011 that allows remote attackers to execute arbitrary code by exploiting a flaw in parsing maliciously crafted PNG, PDF, or DWF files.
How severe is CVE-2021-27037?
CVE-2021-27037 has a severity level of 7.8, which is considered high.
Which versions of Autodesk Design Review are affected by CVE-2021-27037?
Autodesk Design Review versions 2018, 2017, 2013, 2012, and 2011 are affected by CVE-2021-27037.
How can CVE-2021-27037 be exploited?
CVE-2021-27037 can be exploited by remote malicious actors through the use of specially crafted PNG, PDF, or DWF files in Autodesk Design Review.
Is there a fix available for CVE-2021-27037?
It is recommended to update to the latest version of Autodesk Design Review to mitigate the vulnerability associated with CVE-2021-27037.
- collector/nvd-index
- vendor/autodesk
- canonical/autodesk design review
- version/autodesk design review/2011
- version/autodesk design review/2012
- version/autodesk design review/2013
- version/autodesk design review/2017
- version/autodesk design review/2018
- version/autodesk design review/2018-hotfix
- version/autodesk design review/2018-hotfix2