CVE-2024-39389
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-39389 is a newly disclosed vulnerability that impacts Adobe InDesign Desktop versions ID19.4 and ID18.5.2, and older releases. This issue is a stack-based Buffer Overflow vulnerability, which can lead to arbitrary code execution in the context of the current user. A victim must open a specially crafted file to exploit this vulnerability, making it potentially dangerous for users who receive unverified files from untrusted sources. Successful exploitation could give attackers control over the affected system, allowing them to install programs, view, change or delete data, or create new accounts with full user rights. Adobe recommends that users update their software as soon as possible to protect against this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Adobe Indesign CS
- Adobe InDesign
Affected Vendors
- Adobe