Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Metrics
Affected Vendors & Products
References
History
Thu, 10 Oct 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple
Apple macos Microsoft Microsoft windows |
|
CPEs | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Apple
Apple macos Microsoft Microsoft windows |
Wed, 09 Oct 2024 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Adobe
Adobe animate |
|
CPEs | cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:* | |
Vendors & Products |
Adobe
Adobe animate |
|
Metrics |
ssvc
|
Wed, 09 Oct 2024 09:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |
Title | Animate | Out-of-bounds Read (CWE-125) | |
Weaknesses | CWE-125 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-10-09T09:26:31.201Z
Updated: 2024-10-09T12:34:36.807Z
Reserved: 2024-09-24T17:40:22.368Z
Link: CVE-2024-47419
Vulnrichment
Updated: 2024-10-09T12:29:42.771Z
NVD
Status : Analyzed
Published: 2024-10-09T10:15:06.480
Modified: 2024-10-10T18:28:19.330
Link: CVE-2024-47419
Redhat
No data.