23 matches found
CVE-2020-9655
CVE-2020-9655 affects Adobe Premiere Rush ≤1.5.12 with an out-of-bounds read that could enable arbitrary code execution. The ThreatPost summary notes fixes in Premiere Rush version 1.5.16 (APSB20-39) and Adobe’s security update (APSB20-39) addressing this and related flaws. Remediation: upgrade t...
CVE-2022-23204
CVE-2022-23204 affects Adobe Premiere Rush versions 2.0 and earlier. It describes an out-of-bounds read in JPEG/file parsing that could disclose memory and bypass mitigations like ASLR. Exploitation requires a user to open a malicious file. Mitigation: Adobe released a security update (APSB22-06)...
CVE-2023-22234
Adobe Premiere Rush
CVE-2020-9617
Adobe Premiere Rush is affected by CVE-2020-9617 (out-of-bounds read) in versions 1.5.8 and earlier, caused by improper validation in MOV parsing that could disclose information. Impact is information disclosure. Affected product: Premiere Rush (Windows/macOS); vulnerable component: MOV file pars...
CVE-2021-40784
CVE-2021-40784 affects Adobe Premiere Rush; versions 1.5.16 and earlier are vulnerable to a memory corruption issue triggered by handling a malicious WAV file, potentially enabling arbitrary code execution in the current user context. Exploitation requires user interaction. Remediation is availab...
CVE-2021-43030
Adobe Premiere Rush (Windows/macOS)
CVE-2021-43746
Adobe Premiere Rush 1.5.16 and earlier is affected by CVE-2021-43746 due to an uninitialized memory access in MP4 file parsing, allowing remote information disclosure after user visits a malicious page or opens a crafted file. The issue is a pointer initialization flaw in parsing MP4s, leading to...
CVE-2021-43024
Adobe Premiere Rush (Windows/macOS)
CVE-2021-43025
Adobe Premiere Rush versions 1.5.16 and earlier are affected by CVE-2021-43025, a memory corruption vulnerability triggered by handling a malicious SVG file. The issue could enable arbitrary code execution in the context of the current user, and requires user interaction to exploit. Affected comp...
CVE-2021-40783
Adobe Premiere Rush
CVE-2023-22244
CVE-2023-22244 affects Adobe Premiere Rush (≤2.6). It is a Use-After-Free vulnerability in PSD/file handling that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file); the issue is identified across multipl...
CVE-2021-43023
Adobe Premiere Rush
CVE-2021-43026
Adobe Premiere Rush
CVE-2021-43028
Adobe Premiere Rush version 1.5.16 and earlier is affected by a memory corruption vulnerability caused by insecure handling of a malicious M4A file, potentially enabling arbitrary code execution in the current user’s context. Exploitation requires user interaction (per CVSS3.1: LOCAL access, UI: ...
CVE-2020-9657
CVE-2020-9657 affects Adobe Premiere Rush versions 1.5.12 and earlier, with an out-of-bounds write that could lead to arbitrary code execution. Affected software: Adobe Premiere Rush (Windows/macOS). Root cause: out-of-bounds write vulnerability in Rush prior to version 1.5.16. Impact: arbitrary ...
CVE-2021-43748
Adobe Premiere Rush
CVE-2021-43749
Adobe Premiere Rush multiple sources confirm CVE-2021-43749 is a null pointer dereference vulnerability affecting version 1.5.16 and earlier, enabling a denial-of-service within the current user context. Exploitation requires user interaction (victim opens a malicious file), and the issue is desc...
CVE-2021-43747
Adobe Premiere Rush 1.5.16 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction. Affected product: Adobe Premiere Rush...
CVE-2021-43750
Adobe Premiere Rush versions 1.5.16 and earlier are affected by a Null pointer dereference vulnerability that can cause application denial-of-service in the context of the current user when a victim opens a malicious file. The issue is exploitable locally and requires user interaction. Affected p...
CVE-2021-43021
Adobe Premiere Rush 1.5.16 and earlier are affected by a memory corruption vulnerability caused by insecure handling of a malicious EXR file, potentially enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction (local). This CVE (CVE-2021-43021)...
CVE-2021-43029
CVE-2021-43029 affects Adobe Premiere Rush 1.5.16 and earlier, describing a memory corruption vulnerability due to insecure handling of a malicious M4A file that can lead to arbitrary code execution in the context of the current user. The vulnerability requires user interaction to exploit per the...
CVE-2021-43022
Adobe Premiere Rush
CVE-2020-9656
CVE-2020-9656 affects Adobe Premiere Rush