15 matches found
CVE-2021-40763
Adobe Character Animator 4.4 and earlier is affected by a memory corruption vulnerability when parsing a WAF file, potentially enabling arbitrary code execution in the current user context. Exploitation requires user interaction. Remediation per APSB21-95 is to update to 4.4.2 or newer (patch ava...
CVE-2021-40769
CVE-2021-40769 is an out-of-bounds read vulnerability in Adobe Character Animator 4.4 and earlier (notably in SVG file parsing) that could disclose sensitive memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Affected versions should be updated to 4.4....
CVE-2021-40762
Adobe Character Animator 4.4 and earlier is affected by CVE-2021-40762, a Null pointer dereference while parsing a specially crafted file that allows an unauthenticated attacker to trigger an application denial-of-service in the context of the current user. Exploitation requires user interaction ...
CVE-2021-40764
CVE-2021-40764 affects Adobe Character Animator 4.4 and earlier. The vulnerability is a memory corruption flaw when parsing M4A files, potentially allowing arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a crafted file). Docume...
CVE-2021-40765
Adobe Character Animator should be updated to 4.4.2 or newer. The CVE-2021-40765 issue is a memory corruption vulnerability in the M4A parser that could lead to arbitrary code execution under the current user when opening a malicious file; user interaction is required. Affected: Adobe Character A...
CVE-2021-40768
Adobe Character Animator 4.4 (and earlier) contains a Null pointer dereference when parsing a specially crafted file, enabling an unauthenticated attacker to cause an application denial-of-service in the context of the current user. Exploitation requires user interaction (victim opens a malicious...
CVE-2021-40766
Adobe Character Animator 4.4 and earlier versions are affected by an out-of-bounds read vulnerability (CVE-2021-40766) that can disclose memory contents and bypass mitigations such as ASLR. The issue is triggered by parsing certain files and requires user interaction (victim must open a malicious...
CVE-2021-40767
Adobe Character Animator versions 4.4 and earlier are affected by an Access of Memory Location After End of Buffer when parsing a specially crafted file, enabling a crafted-file attacker to cause an application DoS within the current user context. Exploitation requires user interaction (victim op...
CVE-2022-28819
CVE-2022-28819 affects Adobe Character Animator versions 4.4.2 (and earlier) and 22.3 (and earlier). The issue is an out-of-bounds write vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicio...
CVE-2022-34241
Adobe Character Animator is affected by CVE-2022-34241 (heap-based buffer overflow) and CVE-2022-34242 (out-of-bounds read) for versions 4.4.7 and earlier and 22.4 and earlier. The flaws allow arbitrary code execution in the context of the current user and require user interaction (victim opens a...
CVE-2022-34242
Adobe Character Animator is affected by CVE-2022-34242: versions 4.4.7 and earlier and 22.4.x and earlier contain an out-of-bounds read when parsing a crafted file, potentially allowing code execution in the caller’s context. Exploitation requires user interaction (victim opens a malicious file)....
CVE-2021-36000
CVE-2021-36000 affects Adobe Character Animator versions 4.2 and earlier. The issue is a memory corruption vulnerability triggered while parsing a specially crafted file, allowing an unauthenticated attacker to achieve arbitrary code execution in the user’s context. Exploitation requires user int...
CVE-2021-36001
CVE-2021-36001 is an out-of-bounds read vulnerability in Adobe Character Animator 4.2 and earlier when parsing a specially crafted PNG file. An unauthenticated attacker could disclose arbitrary memory information in the context of the current user, with exploitation requiring user interaction (vi...
CVE-2020-9586
CVE-2020-9586 affects Adobe Character Animator versions 3.2 and earlier. The vulnerability is a stack-based buffer overflow in the parsing of the BoundingBox element in PostScript, leading to arbitrary code execution. Exploitation could occur when a user opens a malicious file or visits a malicio...
CVE-2019-7870
CVE-2019-7870 affects Adobe Character Animator up to version 2.1 (Windows/macOS). The issue is insecure library loading (DLL hijacking) that can lead to arbitrary code execution if exploited. Public sources consistently describe this vulnerability as tied to the DLL loading weakness in Character ...