Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-22m7-p864-qh92

Опубликовано: 17 нояб. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 7.8

Описание

Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

EPSS

Процентиль: 38%
0.00166
Низкий

7.8 High

CVSS3

Дефекты

CWE-125

Связанные уязвимости

CVSS3: 7.8
nvd
больше 1 года назад

Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS3: 7.8
fstec
больше 1 года назад

Уязвимость программного обеспечения редактирования видео и динамических изображений Adobe After Effects, связанная с чтением за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 38%
0.00166
Низкий

7.8 High

CVSS3

Дефекты

CWE-125