CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34123 – Adobe Premiere Pro arbitrary DLL loading lead to remote code execution
https://notcve.org/view.php?id=CVE-2024-34123
Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious file into the search path, which the application might execute instead of the legitimate file. This could occur when the application uses a search path to locate executables or libraries. Exploitation of this issue requires user interaction, attack complexity is high. Las versiones 23.6.5, 24.4.1 y anteriores de Premiere Pro se ven afectadas por una vulnerabilidad de ruta de búsqueda no confiable que podría provocar la ejecución de código arbitrario. • https://helpx.adobe.com/security/products/premiere_pro/apsb24-46.html • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 34%CPEs: 4EXPL: 0CVE-2023-47055 – ZDI-CAN-21765: Adobe Premiere Pro M4A File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-47055
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Premiere Pro versión 24.0 (y anteriores) y 23.6 (y anteriores) se ven afectados por una vulnerabilidad Use After Free que podría provocar la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Premiere Pro. • https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-47056 – ZDI-CAN-21763: Adobe Premiere Pro MP4 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-47056
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Premiere Pro versión 24.0 (y anteriores), 23.6 (y anteriores), están afectadas por una vulnerabilidad de desbordamiento del búfer en la región Heap de la memoria que podría resultar en una ejecución de código arbitrario en el contexto del usuario actual. Es requerida una interacción del usuario para explotar este problema, ya que la víctima debe abrir un archivo malicioso. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Premiere Pro. • https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-47057 – ZDI-CAN-21764: Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-47057
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Premiere Pro versiones 24.0 (y anteriores) y 23.6 (y anteriores), están afectadas por una vulnerabilidad de escritura fuera de límites que podría resultar en una ejecución de código arbitrario en el contexto del usuario actual. Una explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Premiere Pro. • https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-47058 – ZDI-CAN-21766: Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-47058
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Premiere Pro versión 24.0 (y anteriores) y 23.6 (y anteriores) se ven afectados por una vulnerabilidad de lectura fuera de los límites al analizar un archivo manipulado, lo que podría dar lugar a una lectura más allá del final de una estructura de memoria asignada. Un atacante podría aprovechar esta vulnerabilidad para ejecutar código en el contexto del usuario actual. • https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html • CWE-125: Out-of-bounds Read •