Adobe InDesign 16.x < 16.4.3 / 17.x < 17.4 Multiple Vulnerabilities (APSB22-50)

The version of Adobe InDesign installed on the remote host is prior to 16.4.3. It is, therefore, affected by multiple vulnerabilities, as follows: - An out-of-bounds write vulnerability allows arbitrary code execution in the context of the current user. Exploitation of this issue requires user...

CVE-2022-38417

creationtimestamp| type| source ---|---|--- 2022-09-16 22:29:07+00:00| seen| https://t.me/cibsecurity/49949...

CVE-2022-38417 Adobe InDesign SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context...

CVE-2022-38417

Adobe InDesign is affected by CVE-2022-38417: an out-of-bounds read when parsing a crafted file could allow code execution in the current user’s context. Affected: InDesign 16.4.2 and earlier; 17.3 and earlier. Exploitation requires user interaction (open a malicious file). Mitigation: update to ...