Lucene search
Michael DePlante (@izobashi) of Trend Micro's Zero Day InitiativeZDI-23-390HistoryApr 12, 2023 - 12:00 a.m.
Adobe Digital Editions PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2023-04-1200:00:00
Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative
www.zerodayinitiative.com
7
adobe digital editions
pdf
file parsing
out-of-bounds write
remote code execution
vulnerability
user interaction
malicious page
allocated buffer
0.003 Low
EPSS
Percentile
69.8%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Digital Editions. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
nessus
nessus
Adobe Digital Editions < 4.5.11.187658 Arbitrary code execution (APSB23-04)
2023-04-11 00:00:00
nvd
nvd
CVE-2023-21582
2023-04-12 22:15:14
openvas
openvas
Adobe Digital Editions Code Execution Vulnerability (APSB23-04) - Windows
2023-04-14 00:00:00
cnvd
cnvd
Adobe Digital Editions Buffer Overflow Vulnerability (CNVD-2023-29804)
2023-04-16 00:00:00
adobe
adobe
APSB23-04 : Security update available for Adobe Digital Editions
2023-04-11 00:00:00
cvelist
cvelist
prion
prion
Cross site scripting
2023-04-12 22:15:00
cve
cve
CVE-2023-21582
2023-04-12 22:15:14