Cross site scripting

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Cross site scripting

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fil...

Design/Logic Flaw

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

Design/Logic Flaw

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context...

Design/Logic Flaw

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context...

Design/Logic Flaw

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

Design/Logic Flaw

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2022-38417 Adobe InDesign SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context...

CVE-2022-38417 Adobe InDesign SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context...

CVE-2022-38417

Adobe InDesign is affected by CVE-2022-38417: an out-of-bounds read when parsing a crafted file could allow code execution in the current user’s context. Affected: InDesign 16.4.2 and earlier; 17.3 and earlier. Exploitation requires user interaction (open a malicious file). Mitigation: update to ...

CVE-2022-38416

CVE-2022-38416 affects Adobe InDesign versions 16.4.2 and earlier, and 17.3 and earlier, with an out-of-bounds read when parsing a crafted file that could allow code execution under the user’s context. Exploitation requires user interaction (opening a malicious file). Public remediation in connec...

CVE-2022-38416 Adobe InDesign SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context...

CVE-2022-38416 Adobe InDesign SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context...

CVE-2022-30676

Adobe InDesign 16.x and 17.x are affected by CVE-2022-30676, an out-of-bounds read leading to memory disclosure. Root cause: parsing/memory handling flaw that could bypass ASLR. Exploitation requires user interaction (opening a malicious file) and is described as local with medium base score. Aff...

CVE-2022-30676 Adobe InDesign 2022 Out-of-Bound Read Memory leak

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2022-30676 Adobe InDesign 2022 Out-of-Bound Read Memory leak

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2022-38413

CVE-2022-38413 affects Adobe InDesign (16.x prior to 16.4.3 and 17.x prior to 17.4). It is a heap-based buffer overflow in SVG/file parsing that could allow arbitrary code execution in the context of the current user; exploitation requires user interaction (open a malicious file). Remediation ref...

CVE-2022-38413 Adobe InDesign SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2022-38413 Adobe InDesign SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2022-38415

Adobe InDesign CVE-2022-38415 is a heap-based buffer overflow in PCX file parsing that could allow arbitrary code execution when a user opens a crafted file. Affected versions include 16.4.2 and 17.3 (and earlier); exploitation requires user interaction. Connected documents corroborate the vulner...