Lucene search

AdobeAPSB18-11

HistoryApr 10, 2018 - 12:00 a.m.

APSB18-11 Security update available for InDesign CC

2018-04-1000:00:00

helpx.adobe.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

34.0%

JSON

Adobe has released a security update for Adobe InDesign CC. This update resolves a critical memory corruption vulnerability (CVE-2018-4928) caused by unsafe parsing of a specially crafted .inx file. This update also resolves an untrusted search path vulnerability (CVE-2018-4927) in the InDesign installer rated Important.

CPENameOperatorVersion
adobe indesign ccle13

CPE	Name	Operator	Version
	adobe indesign cc	le	13

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

34.0%

JSON

Related for APSB18-11