10 matches found
CVE-2024-20795
Adobe Animate versions 23.0.4, 24.0.1 and earlier are affected by CVE-2024-20795, an Integer Overflow or Wraparound vulnerability that could lead to arbitrary code execution in the current user context. Exploitation requires user interaction (the victim must open a malicious file). Remediation pe...
CVE-2024-20794
Adobe Animate is affected by a NULL pointer dereference in WAV file parsing (CVE-2024-20794) that can crash the application and cause a denial of service. Vulnerable versions include 23.0.4, 24.0.1 and earlier. Exploitation requires user interaction (victim opens a malicious file). Remediation is...
CVE-2024-20797
CVE-2024-20797 affects Adobe Animate: versions 23.0.4, 24.0.1 and earlier suffer an out-of-bounds read while parsing a crafted file, potentially enabling code execution in the current user context. Exploitation requires user interaction (victim must open a malicious file). The issue is part of a ...
CVE-2024-20796
Adobe Animate (Windows/macOS) versions 23.0.4, 24.0.1 and earlier are affected by an out-of-bounds read that can disclose memory contents. Exploitation requires user interaction (victim opens a malicious file). The issue is listed as CVE-2024-20796. Adobe APSB24-26 and related advisories indicate...
CVE-2024-53953
CVE-2024-53953 (Adobe Animate) is a Use After Free vulnerability in Animate versions 23.0.8, 24.0.5 and earlier that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). Affected components are the Animate runt...
CVE-2024-45155
Adobe Animate is affected by an Access of Uninitialized Pointer vulnerability (CVE-2024-45155) in versions 23.0.8, 24.0.5 and earlier, allowing arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). Remediation: update to th...
CVE-2024-45156
CVE-2024-45156 affects Adobe Animate 23.0.8, 24.0.5 and earlier with a NULL pointer dereference that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Affected products and versions are confirmed ac...
CVE-2024-49528
Adobe Animate is affected by an out-of-bounds write vulnerability (CWE-787) in versions 23.0.7, 24.0.4 and earlier, potentially allowing arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Affected products/vers...
CVE-2024-49526
CVE-2024-49526 affects Adobe Animate versions 23.0.7, 24.0.4 and earlier. The issue is a Use-After-Free vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. The CVE is associated wi...
CVE-2024-49527
Adobe Animate CVE-2024-49527 is an out-of-bounds read in versions 23.0.7, 24.0.4 and earlier that can disclose memory and bypass ASLR. Exploitation requires a user to open a malicious file; attack vector is local. Remediation per APSB24-76 is updating to 23.0.8 or 24.0.5 (or newer).