Описание
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SGI file in the DoReadContinue function, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Одновременно
EPSS
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
Связанные уязвимости
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SGI file in the DoReadContinue function, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Уязвимость программное обеспечение редактирования видео и динамических изображений Adobe After Effects, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
EPSS
7.8 High
CVSS3
9.3 Critical
CVSS2