CVE-2023-21595

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-21594

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-21595

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-21596

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-21597

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-21596

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Design/Logic Flaw

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that...

Design/Logic Flaw

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

Heap overflow

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Input validation

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Cross site scripting

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Cross site scripting

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-21595 Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-21596

Adobe InCopy is affected by CVE-2023-21596 due to improper input validation, allowing arbitrary code execution under the current user. Affected versions are 18.0 and earlier, and 17.4 and earlier; exploitation requires user interaction (victim opens a malicious file). Root cause is input validati...

CVE-2023-21599 Adobe InCopy Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

CVE-2023-21597 Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-21594 Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-21599 Adobe InCopy Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe InCopy versions 18.0 and earlier, 17.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

CVE-2023-21594

Adobe InCopy is affected by a heap-based buffer overflow in font parsing that could allow arbitrary code execution in the context of the current user when a user opens a crafted file. Affected versions include 18.0 and earlier, and 17.4 and earlier. The issue is triggered by processing a maliciou...

CVE-2023-21598

CVE-2023-21598 – Adobe InCopy Use-After-Free : Connected sources corroborate a memory disclosure vulnerability in InCopy versions 18.0 and earlier, and 17.4 and earlier. The underlying issue is a Use-After-Free flaw that can bypass mitigations such as ASLR, with exploitation requiring user intera...