CVE-2024-49528

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 12, 2024

Updated: Nov 13, 2024

CWE ID 787

Summary

CVE-2024-49528 is a newly disclosed vulnerability that impacts Animate versions 23.0.7 and prior, as well as 24.0.4. This issue is characterized as an out-of-bounds write vulnerability, which allows an attacker to write data past the intended boundary, potentially leading to arbitrary code execution. The exploitation of this flaw requires user interaction, as a victim must open a specially crafted file to be vulnerable. Successful exploitation could result in the attacker gaining the same privileges as the current user. Users are urged to update to the latest Animate version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Adobe Animate

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners