Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
adobeAdobeAPSB23-22
HistoryMar 14, 2023 - 12:00 a.m.

APSB23-22 : Security update available for Adobe Substance 3D Stager

2023-03-1400:00:00
helpx.adobe.com
56
adobe
substance 3d
stager
update
security
vulnerabilities
exploitation
code execution
memory leak
user

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

73.8%

JSON

Adobe has released an update for Adobe Substance 3D Stager. This update addresses critical and important vulnerabilities in Adobe Substance 3D Stager including third party dependencies. Successful exploitation could lead to arbitrary code execution and memory leak in the context of the current user.

Affected configurations

Vulners
Node
adobesubstance_3d_stagerRange2.0.0
VendorProductVersionCPE
adobesubstance_3d_stager*cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*

Related

cvelist 16
cnvd 15
zdi 16
prion 16
nvd 16
cve 16
cvelist
cvelist
CVE-2023-25868 Adobe Substance 3D Stager SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
2023-03-27 00:00:00
CVE-2023-25871 Adobe Substance 3D Stager SVG File Parsing Use-After-Free Remote Code Execution Vulnerability
2023-03-27 00:00:00
CVE-2023-25865 Adobe Substance 3D Stager OBJ File Parsing Memory Corruption Remote Code Execution Vulnerability
2023-03-27 00:00:00
cnvd
cnvd
Adobe Substance 3D Stager out-of-bounds write vulnerability (CNVD-2023-43893)
2023-03-17 00:00:00
Adobe Substance 3D Stager Improper Input Validation Vulnerability
2023-03-17 00:00:00
Adobe Substance 3D Stager Memory Misreference Vulnerability
2023-03-17 00:00:00
zdi
zdi
Adobe Substance 3D Stager SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2023-03-16 00:00:00
Adobe Substance 3D Stager SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
2023-03-16 00:00:00
Adobe Substance 3D Stager OBJ File Parsing Memory Corruption Remote Code Execution Vulnerability
2023-03-16 00:00:00
prion
prion
Input validation
2023-03-27 21:15:00
Heap overflow
2023-03-27 21:15:00
Design/Logic Flaw
2023-03-27 21:15:00
nvd
nvd
CVE-2023-25877
2023-03-27 21:15:12
CVE-2023-25871
2023-03-27 21:15:11
CVE-2023-25868
2023-03-27 21:15:11
cve
cve
CVE-2023-25871
2023-03-27 21:15:11
CVE-2023-25865
2023-03-27 21:15:11
CVE-2023-25875
2023-03-27 21:15:11

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

73.8%

JSON
Related for APSB23-22
cvelist16cnvd15zdi16prion16nvd16cve16