CVE-2023-47042
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 16, 2023
Updated: Nov 22, 2023
CWE ID 787
CWE ID 122
Summary
CVE-2023-47042 is a critical vulnerability affecting Adobe Media Encoder versions 24.0.2 and earlier, as well as 23.6 and earlier. This issue is a Heap-based Buffer Overflow vulnerability, which permits an attacker to write beyond the bounds of an allocated memory block. Consequences of exploiting this flaw include arbitrary code execution, meaning an attacker can execute malicious instructions in the context of the current user. The vulnerability can be triggered by opening a specially crafted file, necessitating user interaction for successful exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Adobe Media Encoder
Affected Vendors
- Adobe