InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Metrics
Affected Vendors & Products
References
History
Sat, 16 Nov 2024 01:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple
Apple macos Microsoft Microsoft windows |
|
CPEs | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Apple
Apple macos Microsoft Microsoft windows |
Wed, 13 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Adobe
Adobe indesign |
|
CPEs | cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:* | |
Vendors & Products |
Adobe
Adobe indesign |
|
Metrics |
ssvc
|
Tue, 12 Nov 2024 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |
Title | InDesign Desktop | Out-of-bounds Read (CWE-125) | |
Weaknesses | CWE-125 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-11-12T20:45:26.631Z
Updated: 2024-11-13T14:38:59.852Z
Reserved: 2024-10-15T15:35:47.026Z
Link: CVE-2024-49510
Vulnrichment
Updated: 2024-11-13T14:27:07.639Z
NVD
Status : Analyzed
Published: 2024-11-12T21:15:13.273
Modified: 2024-11-16T00:35:01.073
Link: CVE-2024-49510
Redhat
No data.