Heap Overflow Vulnerability in Adobe After Effects Software
CVE-2020-9638

7.8HIGH

Key Information:

Vendor: Adobe
Status: Adobe After Effects
Vendor: CVE Published:; 25 June 2020

Summary

A heap overflow vulnerability exists in Adobe After Effects, allowing an attacker to exploit the software versions 17.1 and earlier. Successful exploitation may enable arbitrary code execution, posing significant risks to affected systems. This occurs when the application does not properly manage memory, leading to inconsistencies and potential injection of malicious code. Users are advised to update to the latest versions to mitigate these risks.

Affected Version(s)

Adobe After Effects 17.1 and earlier versions

References

https://helpx.adobe.com/security/products/after_effects/a...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 25, 2020
Vulnerability Reserved
Mar 2, 2020