Heap Overflow Vulnerability in Adobe DNG Software Development Kit
CVE-2020-9590

7.8HIGH

Key Information:

Vendor: Adobe
Status: Adobe Dng Software Development Kit (sdk)
Vendor: CVE Published:; 26 June 2020

Summary

The Adobe DNG Software Development Kit (SDK) versions 1.5 and earlier contain a heap overflow vulnerability. If exploited, this flaw could enable an attacker to execute arbitrary code on the affected system, potentially leading to severe consequences. Users of the DNG SDK should ensure they are using the latest versions to mitigate this security risk. For more details, please refer to the official Adobe security advisory.

Affected Version(s)

Adobe DNG Software Development Kit (SDK) Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions

References

https://helpx.adobe.com/security/products/dng-sdk/apsb20-...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 26, 2020
Vulnerability Reserved
Mar 2, 2020