NULL Pointer Dereference in Adobe Media Encoder Software
CVE-2024-49554

5.5MEDIUM

Key Information:

Vendor: Adobe
Status: Media Encoder
Vendor: CVE Published:; 10 December 2024

What is CVE-2024-49554?

Adobe Media Encoder is susceptible to a NULL Pointer Dereference vulnerability that could potentially lead to application crashes. This security flaw affects versions 25.0 and 24.6.3, along with earlier iterations of the software. Attackers can exploit this vulnerability by convincing a user to open a specially crafted malicious file, resulting in a denial of service condition. Users are advised to exercise caution and apply the latest updates to mitigate the risks associated with this issue. For more details, refer to the official documentation.

References

https://helpx.adobe.com/security/products/media-encoder/a...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2024