Adobe Animate FLA File Parsing Use After Free Remote Code Execution

Adobe Animate version 21.0.9 (and earlier) are affected by a use-after-free vulnerability in the processing of a malformed FLA file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

释放后使用

Adobe Animate 资源管理错误漏洞

Adobe Animate是美国奥多比（Adobe）公司的一套Flash动画制作软件。 Adobe Animate存在资源管理错误漏洞，该漏洞的存在是由于在处理不受信任的输入时出现边界错误。远程攻击者可利用该漏洞可以触发内存损坏并在目标系统上执行任意代码。该漏洞允许远程攻击者可利用该漏洞在系统上执行任意代码。

N/A

N/A