CVE-2022-35676 Adobe FrameMaker SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

🗓️ 11 Aug 2022 14:46:56Reported by adobeType

Adobe FrameMaker SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability in Versions 2019 Update 8 and 2020 Update

Reporter	Title	Published	Views	Family All 15
Tenable Nessus	Adobe FrameMaker 2019 < 15.0.8 (2019.0.8) / Adobe FrameMaker 2020 < 16.0.4 (2020.0.4) Multiple Vulnerabilities (APSB22-42)	10 Aug 202200:00	–	nessus
BDU FSTEC	The vulnerability of the Adobe Framemaker desktop publishing system, related to buffer overflows in the queue, allows a hacker to execute arbitrary code.	24 Aug 202200:00	–	bdu_fstec
Circl	CVE-2022-35676	11 Aug 202218:38	–	circl
CNNVD	Adobe FrameMaker 安全漏洞	9 Aug 202200:00	–	cnnvd
CNVD	Adobe FrameMaker Heap Buffer Overflow Vulnerability (CNVD-2022-87169)	11 Aug 202200:00	–	cnvd
CVE	CVE-2022-35676	11 Aug 202214:46	–	cve
EUVD	EUVD-2022-38552	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Adobe products	10 Aug 202200:00	–	ncsc
NVD	CVE-2022-35676	11 Aug 202215:15	–	nvd
OpenVAS	Adobe Framemaker Security Updates (APSB22-42) - Windows	10 Aug 202200:00	–	openvas

[
  {
    "product": "FrameMaker",
    "vendor": "Adobe",
    "versions": [
      {
        "lessThanOrEqual": "2019u8",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "2020u4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "None",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
helpx	www.helpx.adobe.com/security/products/framemaker/apsb22-42.html

11 Aug 2022 14:46Current

8High risk

Vulners AI Score8

CVSS 3.17.8

EPSS0.00127

CWE-122