Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
adobeAdobeAPSB23-26
HistoryApr 11, 2023 - 12:00 a.m.

APSB23-26 : Security update available for Adobe Substance 3D Stager

2023-04-1100:00:00
helpx.adobe.com
14
adobe
substance 3d stager
security update
critical vulnerabilities
arbitrary code execution
memory leak

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.518 Medium

EPSS

Percentile

97.6%

JSON

Adobe has released an update for Adobe Substance 3D Stager. This update addresses critical and important vulnerabilities in Adobe Substance 3D Stager. Successful exploitation could lead to arbitrary code execution and memory leak in the context of the current user.

Affected configurations

Vulners
Node
adobesubstance_3d_stagerRange2.0
CPENameOperatorVersion
adobe substance 3d stagerle2.0

Related

cve 14
prion 14
cvelist 14
nvd 14
zdi 14
cnvd 5
cve
cve
CVE-2023-26389
2023-04-12 22:15:18
CVE-2023-26394
2023-04-12 22:15:19
CVE-2023-26391
2023-04-12 22:15:19
prion
prion
Design/Logic Flaw
2023-04-12 22:15:00
Heap overflow
2023-04-12 22:15:00
Design/Logic Flaw
2023-04-12 22:15:00
cvelist
cvelist
CVE-2023-26391 ZDI-CAN-20256: Adobe Substance 3D Stager USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
2023-04-12 00:00:00
CVE-2023-26402 ZDI-CAN-20237: Adobe Substance 3D Stager USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
2023-04-12 00:00:00
CVE-2023-26394 ZDI-CAN-20236: Adobe Substance 3D Stager USD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
2023-04-12 00:00:00
nvd
nvd
CVE-2023-26391
2023-04-12 22:15:19
CVE-2023-26403
2023-04-12 22:15:20
CVE-2023-26394
2023-04-12 22:15:19
zdi
zdi
Adobe Substance 3D Stager USD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
2023-04-12 00:00:00
Adobe Substance 3D Stager USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2023-04-12 00:00:00
Adobe Substance 3D Stager USDC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
2023-04-12 00:00:00
cnvd
cnvd
Adobe Substance 3D Stager Resource Management Error Vulnerability
2023-04-16 00:00:00
Adobe Substance 3D Stager Input Validation Error Vulnerability
2023-04-16 00:00:00
Adobe Substance 3D Stager Uninitialized Pointer Access Vulnerability
2023-04-16 00:00:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.518 Medium

EPSS

Percentile

97.6%

JSON
Related for APSB23-26
cve14prion14cvelist14nvd14zdi14cnvd5