Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Metrics
Affected Vendors & Products
References
History
Mon, 18 Nov 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Adobe
Adobe animate Apple Apple macos Microsoft Microsoft windows |
|
CPEs | cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Adobe
Adobe animate Apple Apple macos Microsoft Microsoft windows |
Tue, 12 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 12 Nov 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |
Title | Animate | Out-of-bounds Read (CWE-125) | |
Weaknesses | CWE-125 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-11-12T16:14:27.739Z
Updated: 2024-11-12T17:23:37.270Z
Reserved: 2024-10-15T15:35:47.030Z
Link: CVE-2024-49527
Vulnrichment
Updated: 2024-11-12T17:23:30.505Z
NVD
Status : Analyzed
Published: 2024-11-12T17:15:09.240
Modified: 2024-11-18T18:39:52.213
Link: CVE-2024-49527
Redhat
No data.