CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39425 – Security vulnerability in AdobeARMHelper
https://notcve.org/view.php?id=CVE-2024-39425
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation. Exploitation of this issue require local low-privilege access to the affected system and attack complexity is high. • https://helpx.adobe.com/security/products/acrobat/apsb24-57.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34127 – Adobe Indesign TIF File Parsing Out Of Bound Read
https://notcve.org/view.php?id=CVE-2024-34127
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41850 – Adobe Indesign 2024 TIF File Parsing Heap Memory Corruption
https://notcve.org/view.php?id=CVE-2024-41850
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41854 – Adobe Indesign 2024 PDF File parsing memory corruption
https://notcve.org/view.php?id=CVE-2024-41854
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39391 – Adobe Indesign XLS File Parsing Out Of Bound Write Remote Code execution vulnerability
https://notcve.org/view.php?id=CVE-2024-39391
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-787: Out-of-bounds Write •