Out-of-Bounds Read Vulnerability in Adobe Framemaker Products
CVE-2025-30303

5.5MEDIUM

Key Information:

Vendor: Adobe
Status: Adobe Framemaker
Vendor: CVE Published:; 8 April 2025

Summary

Adobe Framemaker versions 2020.8, 2022.6, and earlier are susceptible to an out-of-bounds read vulnerability. This issue could allow unauthorized access to sensitive information in memory. Attackers may exploit this vulnerability by persuading a user to open a specially crafted file, thus bypassing existing mitigations such as Address Space Layout Randomization (ASLR). It's crucial for users to be cautious and restrict the opening of untrusted documents.

Affected Version(s)

Adobe Framemaker 0 <= 2022.6

References

https://helpx.adobe.com/security/products/framemaker/apsb...

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 8, 2025
Vulnerability Reserved
Mar 20, 2025