CVE-2023-29317

Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

Cross site scripting

Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fi...

CVE-2023-29311

CVE-2023-29311 affects Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier, with an out-of-bounds read that could disclose sensitive memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). The connected sources indicate fixes in the InDesign...

CVE-2023-29314

Adobe InDesign is affected by an out-of-bounds read vulnerability (CVE-2023-29314) in versions ID18.3 and earlier, and ID17.4.1 and earlier, potentially allowing memory disclosure and bypass of ASLR. Exploitation requires user interaction (opening a malicious file). Related write/read out-of-boun...

CVE-2023-29308

Adobe InDesign is affected by CVE-2023-29308 and related CVEs (229308-29319) due to an out-of-bounds write in versions ID18.3 and earlier and ID17.4.1 and earlier, enabling arbitrary code execution in the user context if a malicious file is opened. Exploitation requires user interaction. The Conn...

CVE-2023-29318

Adobe InDesign is affected by CVE-2023-29318: out-of-bounds read in InDesign versions ID18.3 and earlier, and ID17.4.1 and earlier. The vulnerability could disclose sensitive memory and bypass ASLR; exploitation requires a user to open a malicious file. Affected product is the desktop InDesign su...

CVE-2023-29309

CVE-2023-29309 affects Adobe InDesign versions ID18.3 and earlier, and ID17.4.1 and earlier. The issue is an out-of-bounds read in InDesign that can disclose sensitive memory and could bypass ASLR. Exploitation requires user interaction (victim opens a crafted file). Connected sources also refere...

CVE-2023-29316

Adobe InDesign is affected by CVE-2023-29316: out-of-bounds read in InDesign versions ID18.3 and earlier and ID17.4.1 and earlier, potentially leaking memory and bypassing ASLR. Exploitation requires user interaction (open a malicious file). Connected sources corroborate the vulnerability and ref...

Adobe InDesign 缓冲区错误漏洞

Adobe InDesign is a suite of typesetting and editing applications from the American company Audobee Adobe. A buffer error vulnerability exists in Adobe InDesign version ID18.3 and earlier, and version ID17.4.1 and earlier. An attacker could exploit this vulnerability to cause a sensitive memory...