Lucene search
Mat Powell of Trend Micro Zero Day InitiativeZDI-23-154HistoryFeb 24, 2023 - 12:00 a.m.
Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2023-02-2400:00:00
Mat Powell of Trend Micro Zero Day Initiative
www.zerodayinitiative.com
6
adobe framemaker
font parsing
remote code execution
vulnerability
user interaction
embedded fonts
allocated buffer
current process
0.004 Low
EPSS
Percentile
74.1%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of embedded fonts. Crafted data in a font can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
prion
prion
Cross site scripting
2023-02-17 22:15:00
nvd
nvd
CVE-2023-21622
2023-02-17 22:15:12
cvelist
cvelist
cve
cve
CVE-2023-21622
2023-02-17 22:15:12
cnvd
cnvd
Adobe FrameMaker out-of-bounds write vulnerability (CNVD-2023-14295)
2023-02-17 00:00:00
openvas
openvas
Adobe Framemaker Security Update (APSB23-06) - Windows
2023-02-16 00:00:00
nessus
nessus
adobe
adobe
APSB23-06 : Security update available for Adobe FrameMaker
2023-02-14 00:00:00