Out-of-Bounds Read Vulnerability in Adobe Animate Affects Several Versions
CVE-2024-49527

5.5MEDIUM

Key Information:

Vendor: Adobe
Status: Animate
Vendor: CVE Published:; 12 November 2024

Summary

The affected versions of Adobe Animate are susceptible to an out-of-bounds read vulnerability that may allow attackers to disclose sensitive memory contents. This security flaw enables potential bypasses of security measures like Address Space Layout Randomization (ASLR). To exploit this vulnerability, an attacker must trick a victim into opening a specially crafted malicious file, which can lead to unauthorized access to certain memory areas.

References

https://helpx.adobe.com/security/products/animate/apsb24-...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2024