CVE-2024-39393 – Adobe Indesign 2024 PCT File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-39393
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-125: Out-of-bounds Read •
CVE-2024-39389 – Adobe Indesign PDF File Parsing Stack Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-39389
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-121: Stack-based Buffer Overflow •
CVE-2024-39395 – Adobe Indesign 2024 DOC File Parsing Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2024-39395
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a DoS condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-476: NULL Pointer Dereference •
CVE-2024-39394 – Adobe Indesign 2024 PDF File Parsing Out Of Bound Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-39394
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-787: Out-of-bounds Write •
CVE-2024-39392 – Adobe Indesign 2024 EPS File Parsing Heap Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-39392
InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones ID18.5.2, ID19.3 y anteriores de InDesign Desktop se ven afectadas por una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico que podría provocar la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso. • https://helpx.adobe.com/security/products/indesign/apsb24-48.html • CWE-122: Heap-based Buffer Overflow •