Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Adobe After Effects Memory corruption could lead to code execution vulnerability
Vulnerability Description
Adobe After Effects version 18.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
Adobe After Effects 缓冲区错误漏洞
Vulnerability Description
Adobe After Effects是美国奥多比(Adobe)公司的一套视觉效果和动态图形制作软件。该软件主要用于2D和3D合成、动画制作和视觉特效制作等。 Adobe After Effects 存在缓冲区错误漏洞,该漏洞源于程序处理不可信输入时出现边界错误,远程攻击者利用该漏洞可以创建一个专门制作的文件,诱骗受害者使用受影响的软件打开它,在目标系统上触发越界写入和执行任意代码。以下产品和版本受到影响: Adobe After Effects 10.0, 10.0.1, 10.0.2, 10.5, 1
CVSS Information
N/A
Vulnerability Type
N/A