A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Design_review | Autodesk | 2011 (including) | 2011 (including) |
| Design_review | Autodesk | 2012 (including) | 2012 (including) |
| Design_review | Autodesk | 2013 (including) | 2013 (including) |
| Design_review | Autodesk | 2017 (including) | 2017 (including) |
| Design_review | Autodesk | 2018 (including) | 2018 (including) |
| Design_review | Autodesk | 2018-hotfix (including) | 2018-hotfix (including) |
| Design_review | Autodesk | 2018-hotfix2 (including) | 2018-hotfix2 (including) |
| Design_review | Autodesk | 2018-hotfix3 (including) | 2018-hotfix3 (including) |
| Design_review | Autodesk | 2018-hotfix4 (including) | 2018-hotfix4 (including) |
| Design_review | Autodesk | 2018-hotfix5 (including) | 2018-hotfix5 (including) |