Описание
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of editor control library functions in the installer plugin. A successful exploitation could lead to arbitrary code execution.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.5.4 (включая)
cpe:2.3:a:adobe:digital_editions:*:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.08832
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-427
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of editor control library functions in the installer plugin. A successful exploitation could lead to arbitrary code execution.
EPSS
Процентиль: 92%
0.08832
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-427