The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading data beyond the buffer in memory, allows attackers to circumvent ASLR protection and gain unauthorized access to protected information.

🗓️ 01 Jul 2025 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Adobe InDesign automation tool overreads memory buffer, bypassing ASLR to access protected data.

Reporter	Title	Published	Views	Family All 16
Tenable Nessus	Adobe InDesign < 19.5.4 / 20.0 < 20.3.0 Multiple Vulnerabilities (APSB25-53)	10 Jun 202500:00	–	nessus
Tenable Nessus	Adobe InDesign < 19.5.4 / 20.0 < 20.3.0 Multiple Vulnerabilities (APSB25-53) (macOS)	10 Jun 202500:00	–	nessus
BDU FSTEC	The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading data beyond the buffer in memory, allows attackers to circumvent ASLR protection and gain unauthorized access to protected information.	1 Jul 202500:00	–	bdu_fstec
Circl	CVE-2025-47104	10 Jun 202516:31	–	circl
CNNVD	Adobe InDesign Desktop 缓冲区错误漏洞	10 Jun 202500:00	–	cnnvd
CNVD	Adobe InDesign Desktop Buffer Overflow Vulnerability (CNVD-2025-14825)	17 Jun 202500:00	–	cnvd
CVE	CVE-2025-47104	10 Jun 202516:23	–	cve
Cvelist	CVE-2025-47104 InDesign Desktop \| Out-of-bounds Read (CWE-125)	10 Jun 202516:23	–	cvelist
EUVD	EUVD-2025-17700	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Adobe InDesign Desktop	30 Jun 202512:58	–	ncsc

Vulners

Node

adobe_systems adobe_indesignRange≤20.2

OR

adobe_systems adobe_indesignRange≤19.5.3

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-47104
helpx	www.helpx.adobe.com/security/products/indesign/apsb25-53.html
web	www.web.nvd.nist.gov/view/vuln/detail

01 Jul 2025 00:00Current

6.1Medium risk

Vulners AI Score6.1

CVSS 24.9

CVSS 35.5

EPSS0.0024

Adobe InDesign memory overread buffer overread unauthorized access protected data memory protection bypass