20 matches found
CVE-2020-24440
Summary of CVE-2020-24440 : Adobe Prelude on Windows (versions
CVE-2021-43754
Adobe Prelude is affected by an Out-of-bounds Write vulnerability in versions 22.1.1 and earlier due to insecure handling of a malicious file, potentially allowing arbitrary code execution in the current user’s context. Exploitation requires user interaction. The issue is addressed in Adobe’s APS...
CVE-2021-42737
CVE-2021-42737 affects Adobe Prelude (≤10.1) via a memory corruption vulnerability in WAV handling that can lead to arbitrary code execution in the context of the current user. Exploitation requires the user to open a specially crafted WAV file. Reports in multiple feeds (NVD, CNVD, CNNVD) confir...
CVE-2021-40771
CVE-2021-40771 affects Adobe Prelude 10.1 and earlier and involves a memory corruption flaw in WAV file parsing caused by insecure handling of a malicious WAV. The vulnerability can lead to arbitrary code execution in the context of the current user and requires user interaction (victim opens a c...
CVE-2023-44362
Adobe Prelude 22.6 and earlier are affected by an uninitialized pointer vulnerability in MP4 parsing that can disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Remediation: update to Adobe Prelude 22.6.1 (per APSB23-67) on Windows/macOS; patc...
CVE-2021-40773
Adobe Prelude 10.1 and earlier is affected by a null pointer dereference when parsing a specially crafted file, allowing an unauthenticated attacker to cause a denial-of-service in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). Remediation...
CVE-2021-42738
CVE-2021-42738 concerns Adobe Prelude 10.1 and earlier, with memory corruption due to insecure handling of a malicious MXF file. The vulnerability could lead to arbitrary code execution in the current user context. Exploitation requires the victim to open a specially crafted MXF file (user intera...
CVE-2020-9678
Adobe Prelude 9.0 and earlier contain an out-of-bounds write (CVE-2020-9678) that could lead to arbitrary code execution. The root cause is tied to processing in Prelude prior to version 9.0.1, with confirmed advisories and mappings across Red Hat, Nessus/ADOBE APSB20-46, and ZDI. Remediation: up...
CVE-2021-35999
Adobe Prelude is affected by a memory corruption vulnerability in versions 10.0 and earlier when parsing specially crafted files, leading to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). Affected product detail...
CVE-2021-40775
Adobe Prelude (Windows/macOS) versions 10.1 and earlier are affected by a memory corruption vulnerability triggered by handling of a malicious SVG file, potentially enabling arbitrary code execution in the current user context after user opens a crafted file. Affected component: SVG file parsing;...
CVE-2021-43011
Adobe Prelude
CVE-2021-36007
Adobe Prelude (10.0 and earlier) is affected by an information-disclosure issue caused by an uninitialized variable during MP4 file parsing. An unauthenticated attacker could disclose memory contents in the context of the current user, and exploitation requires the user to open a malicious file o...
CVE-2021-40770
CVE-2021-40770 is a memory-corruption vulnerability in Adobe Prelude 10.1 and earlier caused by insecure parsing of a malicious M4A file. It can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (open a crafted M4A file). A remediation exi...
CVE-2021-40772
CVE-2021-40772 affects Adobe Prelude 10.1 and earlier. The issue is a memory corruption vulnerability caused by insecure handling of a malicious M4A file, leading to arbitrary code execution in the current user’s context. Exploitation requires user interaction (opening a crafted file). The vulner...
CVE-2021-43012
Adobe Prelude
CVE-2020-9680
CVE-2020-9680 affects Adobe Prelude 9.0 and earlier. The issue is an out-of-bounds write in Prelude’s MP4/file handling that could allow an attacker to execute arbitrary code on the affected system. Public references in connected documents corroborate the same root cause and impact, and several s...
CVE-2021-40774
CVE-2021-40774 affects Adobe Prelude 10.1 and earlier. The vulnerability is a null pointer dereference in the file-parsing path, which can lead to application denial-of-service in the context of the current user. Exploitation requires the victim to open a specially crafted file (user interaction)...
CVE-2021-44696
Adobe Prelude versions 22.1.1 and earlier are affected by an out-of-bounds read that can disclose memory and bypass ASLR. Exploitation requires user interaction (open a malicious JPEG). The CVE is documented across NVD/ZDI/CVE lists; remediation is addressed in APSB21-114 with available updates. ...
CVE-2020-9677
CVE-2020-9677 affects Adobe Prelude
CVE-2020-9679
Adobe Prelude is affected in versions 9.0 and earlier (Windows) by an out-of-bounds read vulnerability (CVE-2020-9679) that could lead to arbitrary code execution. The connected sources consistently identify the issue as out-of-bounds read/write with potential code execution, and the validated re...