Autodesk Design Review AdView.AdViewer ActiveX Control RCE
High Nessus Plugin ID 81318
SynopsisThe remote Windows host has an ActiveX control that is affected by a remote code execution vulnerability.
DescriptionThe remote host contains the AdView.AdViewer ActiveX control, distributed with Autodesk Design Review, that is affected by a remote code execution vulnerability due to improper parsing of DWF files. An unauthenticated, remote attacker can exploit this, via a specially crafted file or website, to execute arbitrary code.
SolutionApply the 2013 hotfix.
Note that older versions will need to be updated to 2013 before applying the hotfix.