CVE-2020-3764

Опубликовано: 20 фев. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

Adobe Media Encoder versions 14.0 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

Ссылки

https://helpx.adobe.com/security/products/media-encoder/apsb20-10.html
Patch
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-20-331/
Third Party Advisory
VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-20-332/
Third Party Advisory
VDB Entry
https://helpx.adobe.com/security/products/media-encoder/apsb20-10.html
Patch
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-20-331/
Third Party Advisory
VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-20-332/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:adobe:media_encoder:*:*:*:*:*:*:*:*

Версия до 14.0.2 (исключая)

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01503

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-jcjp-9xp8-pch4

github

больше 3 лет назад