Out-of-Bounds Read Vulnerability in Adobe Media Encoder
CVE-2020-9649

5.5MEDIUM

Key Information:

Vendor: Adobe
Status: Adobe Media Encoder
Vendor: CVE Published:; 17 July 2020

What is CVE-2020-9649?

Adobe Media Encoder versions 14.2 and earlier contain an out-of-bounds read vulnerability that may allow attackers to gain unauthorized access to sensitive information. This could occur if the vulnerable application mishandles data, leading to potential data leaks under specific conditions. Users are strongly advised to update their software to the latest version to mitigate risks associated with this security flaw.

Affected Version(s)

Adobe Media Encoder 14.2 and earlier versions

References

https://helpx.adobe.com/security/products/media-encoder/a...

x_refsource_CONFIRM

https://www.zerodayinitiative.com/advisories/ZDI-20-882/

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 17, 2020
Vulnerability Reserved
Mar 2, 2020