Out-of-Bounds Write Vulnerability in Adobe Bridge
CVE-2024-41840

7.8HIGH

Key Information:

Vendor: Adobe
Status: Bridge
Vendor: CVE Published:; 14 August 2024

What is CVE-2024-41840?

Adobe Bridge versions 13.0.8 and 14.1.1, along with earlier releases, exhibit a vulnerability categorized as an out-of-bounds write. This flaw can potentially allow attackers to execute arbitrary code within the context permitted to the current user. Exploitation of this vulnerability necessitates user action, specifically requiring the victim to open a maliciously crafted file. As such, users should exercise caution and ensure their software is up to date to mitigate risks associated with this vulnerability.

References

https://helpx.adobe.com/security/products/bridge/apsb24-5...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2024