Out-of-Bounds Write Vulnerability in Adobe Bridge by Adobe
CVE-2020-9674

7.8HIGH

Key Information:

Vendor: Adobe
Status: Adobe Bridge
Vendor: CVE Published:; 22 July 2020

What is CVE-2020-9674?

Adobe Bridge prior to version 10.0.4 is susceptible to an out-of-bounds write vulnerability, whereby an attacker could exploit this flaw to execute arbitrary code. This issue arises from improper handling of input, allowing an unauthorized user to manipulate memory structures. Organizations should ensure their software is up to date to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Adobe Bridge 10.0.3 and earlier versions

References

https://www.zerodayinitiative.com/advisories/ZDI-20-913/

x_refsource_MISC

https://helpx.adobe.com/security/products/bridge/apsb20-4...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 22, 2020
Vulnerability Reserved
Mar 2, 2020