Lucene search

PRIOn knowledge basePRION:CVE-2023-38216

HistoryOct 11, 2023 - 12:15 p.m.

Design/Logic Flaw

2023-10-1112:15:00

PRIOn knowledge base

www.prio-n.com

adobe bridge

use after free

vulnerability

disclosure

sensitive memory

aslr

exploitation

malicious file

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.0%

JSON

Adobe Bridge versions 12.0.4 (and earlier) and 13.0.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CPENameOperatorVersion
bridgele12.0.4
bridgege13.0.0
bridgelt13.0.4

Name	Operator	Version
bridge	le	12.0.4
bridge	ge	13.0.0
bridge	lt	13.0.4

References

helpx.adobe.com/security/products/bridge/apsb23-49.html