CVE-2024-39395

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 14, 2024
Updated: Aug 19, 2024
CWE ID 476

Summary

CVE-2024-39395 is a newly disclosed vulnerability affecting Adobe InDesign Desktop versions ID19.4 and ID18.5.2, and older releases. This issue involves a NULL Pointer Dereference vulnerability, which an attacker can exploit to cause an application denial-of-service (DoS) condition. To execute this attack, the attacker needs the victim to open a specially crafted file, making user interaction a prerequisite for exploitation. This vulnerability could lead to unwanted downtime or disruptions for affected users.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Adobe Indesign CS
  • Adobe InDesign

Affected Vendors

  • Adobe