CVE-2024-49529
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Nov 21, 2024
Updated: Dec 3, 2024
CWE ID 125
Summary
CVE-2024-49529 is a newly disclosed vulnerability affecting Adobe InDesign Desktop versions 19.0 and earlier. This issue represents an out-of-bounds read vulnerability, enabling an attacker to access sensitive memory content. By doing so, they could potentially bypass Address Space Layout Randomization (ASLR) protections. To exploit this weakness, a user must open a maliciously crafted file.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Adobe Indesign CS
- Adobe InDesign
Affected Vendors
- Adobe