Audition Under Fire: Out-of-Bounds Read Vulnerability Strikes
CVE-2024-41868

5.5MEDIUM

Key Information:

Vendor: Adobe
Status: Audition
Vendor: CVE Published:; 11 September 2024

Summary

Adobe Audition contains an out-of-bounds read vulnerability, particularly affecting versions 24.4.1, 23.6.6, and earlier. This issue allows for potential exposure of sensitive memory, which could be exploited by attackers to bypass certain security mitigations, including Address Space Layout Randomization (ASLR). Successful exploitation requires that a user inadvertently opens a malicious file, highlighting the importance of user vigilance and prompt software updates.

Affected Version(s)

Audition 0 <= 23.6.6

References

https://helpx.adobe.com/security/products/audition/apsb24...

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 11, 2024
Vulnerability Reserved
Jul 22, 2024