Out-of-Bounds Read Vulnerability in Adobe Framemaker
CVE-2024-47421

7.8HIGH

Key Information:

Vendor: Adobe
Status: Framemaker
Vendor: CVE Published:; 9 October 2024

What is CVE-2024-47421?

Adobe Framemaker versions 2020.6, 2022.4, and earlier experience an out-of-bounds read vulnerability that occurs when processing specially crafted files. This issue allows an attacker to read beyond the intended memory boundaries, potentially leading to unauthorized access and arbitrary code execution in the context of the current user. Successful exploitation necessitates the victim to open a maliciously crafted file, making user interaction a critical factor in the attack vector. It is advisable for users to update their software to mitigate this risk. For more information, refer to the Adobe security bulletin.

References

https://helpx.adobe.com/security/products/framemaker/apsb...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 9, 2024