NULL Pointer Dereference in Adobe Bridge Software Vulnerability
CVE-2024-47458

5.5MEDIUM

Key Information:

Vendor: Adobe
Status: Bridge
Vendor: CVE Published:; 12 November 2024

Summary

A NULL Pointer Dereference vulnerability exists in Adobe Bridge versions 13.0.9, 14.1.2, and earlier, which can be exploited to cause a denial-of-service (DoS) condition. By convincing a user to open a specially crafted malicious file, an attacker can trigger this flaw, resulting in an application crash. This situation emphasizes the need for vigilance when handling files from untrusted sources, as user interaction is crucial for the exploitation of this vulnerability.

References

https://helpx.adobe.com/security/products/bridge/apsb24-7...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2024