ID: CVE-2020-9662
Type: cve
Reporter: cve@mitre.org
Modified: 2020-06-29T20:11:00
Description
Adobe After Effects versions 17.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
{"zdi": [{"lastseen": "2020-06-22T11:40:13", "bulletinFamily": "info", "cvelist": ["CVE-2020-9662"], "description": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MP4 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process.", "edition": 1, "modified": "2020-06-22T00:00:00", "published": "2020-06-18T00:00:00", "id": "ZDI-20-726", "href": "https://www.zerodayinitiative.com/advisories/ZDI-20-726/", "title": "Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 0.0, "vector": "NONE"}}], "nessus": [{"lastseen": "2020-10-24T05:18:57", "description": "The version of Adobe After Effects installed on the remote Windows host is prior or equal to 17.1. It is, therefore,\naffected by an out-of-bounds read vulnerability. 
Successful exploitation could lead to an arbitrary code execution.", "edition": 4, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-06-19T00:00:00", "title": "Adobe After Effects <= 17.1.1 Arbitrary Code Execution (APSB20-35)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-9638", "CVE-2020-9662", "CVE-2020-9637", "CVE-2020-9661", "CVE-2020-9660"], "modified": "2020-06-19T00:00:00", "cpe": ["cpe:/a:adobe:after_effects"], "id": "ADOBE_AFTER_EFFECTS_APSB20-35.NASL", "href": "https://www.tenable.com/plugins/nessus/137646", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137646);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/23\");\n\n script_cve_id(\n \"CVE-2020-9637\",\n \"CVE-2020-9638\",\n \"CVE-2020-9660\",\n \"CVE-2020-9661\",\n \"CVE-2020-9662\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0262-S\");\n\n script_name(english:\"Adobe After Effects <= 17.1.1 Arbitrary Code Execution (APSB20-35)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an application installed that is affected by an Arbitrary Code Execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe After Effects installed on the remote Windows host is prior or equal to 17.1. It is, therefore,\naffected by an out-of-bounds read vulnerability. 
Successful exploitation could lead to an arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/illustrator/apsb20-37.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe After Effects version 17.1.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-9662\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:after_effects\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_after_effects_installed.nbin\");\n script_require_keys(\"installed_sw/Adobe After Effects\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Adobe After Effects', win_local:TRUE);\n\nconstraints = [\n { 'fixed_version' : '17.1.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2020-10-15T22:18:14", "bulletinFamily": "info", "cvelist": ["CVE-2020-24400", "CVE-2020-24407", "CVE-2020-9575", "CVE-2020-9637", "CVE-2020-9638", "CVE-2020-9639", "CVE-2020-9640", "CVE-2020-9641", "CVE-2020-9642", "CVE-2020-9652", "CVE-2020-9653", "CVE-2020-9654", "CVE-2020-9655", "CVE-2020-9656", "CVE-2020-9657", "CVE-2020-9658", "CVE-2020-9659", "CVE-2020-9660", "CVE-2020-9661", "CVE-2020-9662", "CVE-2020-9666"], "description": "Adobe patched 18 critical vulnerabilities Tuesday impacting key products Adobe After Effects, Illustrator, Premiere Pro, Premiere Rush and Audition. The out-of-band fixes address vulnerabilities allowing an attacker to execute arbitrary code, if bugs are exploited.\n\nIn its [security bulletin Adobe](<https://blogs.adobe.com/psirt/?p=1884>) said it was not aware of any exploits in the wild for any of the bugs.\n\nFive of the critical flaws were discovered in [versions 17.1 and earlier](<https://helpx.adobe.com/security/products/after_effects/apsb20-35.html>) of After Effects. 
Users are encouraged to update to version 17.1.1.\n\nThe After Effects flaws include an out-of-bounds read vulnerability (CVE-2020-9661), out-of-bounds write vulnerabilities (CVE-2020-9660, CVE-2020-9662) and heap overflow flaws (CVE-2020-9637, CVE-2020-9638).\n\nAdobe Illustrator received five patches, including one for a buffer error (CVE-2020-9642) and memory corruption bugs (CVE-2020-9575, CVE-2020-9641, CVE-2020-9640, CVE-2020-9639). Versions 24.1.2 and earlier [of Illustrator 2020](<https://helpx.adobe.com/security/products/illustrator/apsb20-37.html>) are affected, version 24.2 of the popular illustration app has fixed the issues.\n\nAdobe also patched three flaws in versions 1.5.12 and earlier of [Premiere Rush](<https://helpx.adobe.com/security/products/premiere_rush/apsb20-39.html>), Adobe\u2019s video editing app. The flaws were fixed in version 1.5.16. They included two out-of-bounds write (CVE-2020-9656, CVE-2020-9657) and an out-of-bounds read flaw (CVE-2020-9655).\n\nAnd, Adobe patched three flaws [in Premiere Pro](<https://helpx.adobe.com/security/products/premiere_pro/apsb20-38.html>), another version of Adobe\u2019s video editing software that is more advanced than Adobe Premiere Rush (which is instead more targeted toward YouTubers and social media creators). These include out-of-bounds write (CVE-2020-9653, CVE-2020-9654) and out-of-bounds read (CVE-2020-9652) vulnerabilities. Adobe Premiere Pro versions 14.2 and earlier are affected; users are urged to update to version 14.3.\n\nFinally, versions 13.0.6 and earlier of Adobe\u2019s audio app, Audition, had [two critical](<https://helpx.adobe.com/security/products/audition/apsb20-40.html>) out-of-bounds write flaws (CVE-2020-9658, CVE-2020-9659). 
These flaws were fixed in version 13.0.7 for Windows and macOS.\n\nAn \u201cimportant\u201d severity [out-of-bounds read bug](<https://helpx.adobe.com/security/products/campaign/apsb20-34.html>) (CVE-2020-9666) enabling information disclosure was also patched in Adobe Campaign Classic, its marketing campaign management application.\n\nThe out-of-band update comes a week after Adobe\u2019s scheduled patches, where it stomped out [four critical flaws](<https://threatpost.com/adobe-warns-critical-flaws-flash-player-framemaker/156417/>) in Flash Player and in its Framemaker document processor.\n", "modified": "2020-06-16T19:29:09", "published": "2020-06-16T19:29:09", "id": "THREATPOST:0520B21C32AEF3BA1666DAFAA427792E", "href": "https://threatpost.com/adobe-patches-18-critical-flaws-in-out-of-band-update/156609/", "type": "threatpost", "title": "Adobe Patches 18 Critical Flaws in Out-Of-Band Update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}