Out-of-Bounds Read Vulnerability in Adobe Bridge by Adobe
CVE-2024-34140

5.5MEDIUM

Key Information:

Vendor: Adobe
Status: Bridge
Vendor: CVE Published:; 9 July 2024

Summary

Adobe Bridge is vulnerable to an out-of-bounds read issue in versions 14.0.4, 13.0.7, and 14.1 and earlier. This vulnerability allows attackers to potentially access sensitive memory by exploiting a flaw that requires user interaction, specifically when a victim opens a malicious file. This flaw can potentially circumvent security mitigations such as ASLR, posing a significant risk to users of the affected applications. It is crucial for users to update their software and remain vigilant against such attacks.

References

https://helpx.adobe.com/security/products/bridge/apsb24-5...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 9, 2024