CVE-2024-39393

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 14, 2024
Updated: Aug 19, 2024
CWE ID 125

Summary

CVE-2024-39393 is a newly disclosed out-of-bounds read vulnerability affecting Adobe InDesign Desktop versions ID19.4, ID18.5.2, and older. This issue arises when InDesign fails to properly manage memory while processing crafted files, resulting in the application reading data beyond the designated bounds. An attacker can capitalize on this vulnerability by crafting a malicious file and tricking a user into opening it. Successful exploitation allows the attacker to execute code in the context of the current user.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Adobe Indesign CS
  • Adobe InDesign

Affected Vendors

  • Adobe