CVE-2024-39389

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 14, 2024
Updated: Aug 19, 2024
CWE ID 121
CWE ID 787

Summary

CVE-2024-39389 is a newly disclosed vulnerability that impacts Adobe InDesign Desktop versions ID19.4 and ID18.5.2, and older releases. This issue is a stack-based Buffer Overflow vulnerability, which can lead to arbitrary code execution in the context of the current user. A victim must open a specially crafted file to exploit this vulnerability, making it potentially dangerous for users who receive unverified files from untrusted sources. Successful exploitation could give attackers control over the affected system, allowing them to install programs, view, change or delete data, or create new accounts with full user rights. Adobe recommends that users update their software as soon as possible to protect against this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Adobe Indesign CS
  • Adobe InDesign

Affected Vendors

  • Adobe