Lucene search
AdobeCVELIST:CVE-2023-38212HistoryAug 09, 2023 - 8:23 a.m.
CVE-2023-38212 ZDI-CAN-21093: Adobe Dimension GLB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
2023-08-0908:23:36
CWE-122
adobe
www.cve.org
6
adobe dimension
glb file parsing
buffer overflow
remote code execution
vulnerability
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
55.5%
Adobe Dimension version 3.4.9 is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CNA Affected
[
{
"defaultStatus": "affected",
"product": "Dimension",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "3.4.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
cnvd
cnvd
Adobe Dimension Heap Buffer Overflow Vulnerability (CNVD-2023-65166)
2023-08-11 00:00:00
prion
prion
Heap overflow
2023-08-09 09:15:00
zdi
zdi
nvd
nvd
CVE-2023-38212
2023-08-09 09:15:14
cve
cve
CVE-2023-38212
2023-08-09 09:15:14
nessus
nessus
Adobe Dimension < 3.4.10 Multiple Vulnerabilities (APSB23-44) (macOS)
2023-08-08 00:00:00
Adobe Dimension < 3.4.10 Multiple Vulnerabilities (APSB23-44)
2023-08-08 00:00:00
adobe
adobe
APSB23-44 : Security update available for Adobe Dimension
2023-08-08 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
55.5%
Related for CVELIST:CVE-2023-38212