CVE-2019-7363
UnknownEPSS 1.30%
Last modified
CVE-2019-7363 is a vulnerability of currently unknown severity. Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerability, which may result in code execution.. EPSS estimates a 1.30% chance of exploitation in the next 30 days.
Description
Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerability, which may result in code execution.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Autodesk | Design Review | 2011 |
| Autodesk | Design Review | 2012 |
| Autodesk | Design Review | 2013 |
| Autodesk | Design Review | 2018 |
References
- https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002Patch, Vendor Advisory
- https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-7363?
Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerability, which may result in code execution.
How severe is CVE-2019-7363?
Severity scoring for CVE-2019-7363 is pending analysis. The EPSS model estimates a 1.30% probability of exploitation in the next 30 days.
How do I fix CVE-2019-7363?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2019-7363?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST