CVE-2024-41868

🗓️ 11 Sep 2024 16:07:02Reported by adobeType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 52 Views

Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file

Reporter	Title	Published	Views	Family All 11
Tenable Nessus	Adobe Audition < 23.6.9 / 24.0.0 < 24.6.0 Multiple Vulnerabilities (APSB24-54)	10 Sep 202400:00	–	nessus
Tenable Nessus	Adobe Audition < 23.6.9 / 24.0.0 < 24.6.0 Multiple Vulnerabilities (APSB24-54) (macOS)	10 Sep 202400:00	–	nessus
CNNVD	Adobe Audition 缓冲区错误漏洞	11 Sep 202400:00	–	cnnvd
CNVD	Adobe Audition Buffer Overflow Vulnerability (CNVD-2024-39376)	13 Sep 202400:00	–	cnvd
Cvelist	CVE-2024-41868 Audition \| Out-of-bounds Read (CWE-125)	11 Sep 202416:07	–	cvelist
EUVD	EUVD-2024-39245	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Adobe products	11 Sep 202409:31	–	ncsc
NVD	CVE-2024-41868	11 Sep 202416:15	–	nvd
OSV	CVE-2024-41868	11 Sep 202416:15	–	osv
Positive Technologies	PT-2024-6183 · Adobe · Audition	10 Sep 202400:00	–	ptsecurity

NVD

Vulners

Node

adobe auditionRange≤23.6.6

adobe auditionRange24.0–24.4.1

AND

apple mac_os_xMatch-

microsoft windowsMatch-

[
  {
    "defaultStatus": "affected",
    "product": "Audition",
    "vendor": "Adobe",
    "versions": [
      {
        "lessThanOrEqual": "23.6.6",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
helpx	www.helpx.adobe.com/security/products/audition/apsb24-54.html

18 Sep 2024 19:13Current

5.3Medium risk

Vulners AI Score5.3

CVSS 3.15.5

EPSS0.00033

SSVC

CWE-125

audition vulnerability aslr bypass user interaction disclosure