CVE-2024-49529

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 21, 2024
Updated: Dec 3, 2024
CWE ID 125

Summary

CVE-2024-49529 is a newly disclosed vulnerability affecting Adobe InDesign Desktop versions 19.0 and earlier. This issue represents an out-of-bounds read vulnerability, enabling an attacker to access sensitive memory content. By doing so, they could potentially bypass Address Space Layout Randomization (ASLR) protections. To exploit this weakness, a user must open a maliciously crafted file.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Adobe Indesign CS
  • Adobe InDesign

Affected Vendors

  • Adobe