Adobe InDesign CC 2023 Memory Corruption Vulnerability III.
CVE-2023-44343

5.5MEDIUM

Key Information:

Vendor: Adobe
Status: Indesign Desktop
Vendor: CVE Published:; 29 February 2024

What is CVE-2023-44343?

Adobe InDesign versions ID18.5 and earlier, as well as ID17.4.2 and earlier, are susceptible to an out-of-bounds read vulnerability. This flaw permits an attacker to potentially disclose sensitive memory, undermining common security mitigations such as Address Space Layout Randomization (ASLR). Exploiting this vulnerability necessitates that the user opens a specially crafted file, highlighting the critical importance of maintaining cautious behavior when handling unknown documents.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

InDesign Desktop 0

References

https://helpx.adobe.com/security/products/indesign/apsb23...

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 29, 2024
Vulnerability Reserved
Sep 28, 2023

JSON

Adobe