Adobe InDesign SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

跨界内存读

Adobe InDesign 缓冲区错误漏洞

Adobe InDesign是美国奥多比（Adobe）公司的一套排版编辑应用程序。 Adobe InDesign存在安全漏洞，该漏洞源于越界读取导致任意代码执行。以下版本受到影响：基于Windows和macOS的17.3及之前的版本、基于Windows和macOS的16.4.2及之前的版本。

N/A

N/A