Adobe After Effects à 17.1 buffer overflow

entréeeditHistoryDiffjsonxmlCTI

Une vulnérabilité a été trouvé dans Adobe After Effects à 17.1 et classée critique. Affecté est une fonction inconnue. Mettre à jour élimine cette vulnérabilité.

Field26/06/2020 02:07 PM26/06/2020 02:12 PM27/10/2020 11:41 AM
vendorAdobeAdobeAdobe
nameAfter EffectsAfter EffectsAfter Effects
version<=17.1<=17.1<=17.1
risk222
cvss2_vuldb_basescore6.86.86.8
cvss2_vuldb_tempscore5.95.95.9
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss3_meta_basescore7.07.07.0
cvss3_meta_tempscore6.76.76.7
cvss3_vuldb_basescore6.36.36.3
cvss3_vuldb_tempscore6.06.06.0
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiRRR
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
date1593043200 (25/06/2020)1593043200 (25/06/2020)1593043200 (25/06/2020)
locationWebsiteWebsiteWebsite
typeSecurity BulletinSecurity BulletinSecurity Bulletin
urlhttps://helpx.adobe.com/security/products/after_effects/apsb20-35.htmlhttps://helpx.adobe.com/security/products/after_effects/apsb20-35.htmlhttps://helpx.adobe.com/security/products/after_effects/apsb20-35.html
identifierAPSB20-35APSB20-35APSB20-35
price_0day$5k-$25k$5k-$25k$5k-$25k
nameUpgradeUpgradeUpgrade
cveCVE-2020-9637CVE-2020-9637CVE-2020-9637
seealso157293 157306 157307 157308157293 157306 157307 157308157293 157306 157307 157308
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcCCC
cvss3_vuldb_eXXX
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
cvss3_nvd_basescore7.87.87.8
cwe0787 (buffer overflow)787 (buffer overflow)
cvss2_nvd_avNN
cvss2_nvd_acMM
cvss2_nvd_auNN
cvss2_nvd_ciCC
cvss2_nvd_iiCC
cvss2_nvd_aiCC
cvss3_nvd_avLL
cvss3_nvd_acLL
cvss3_nvd_prNN
cvss3_nvd_uiRR
cvss3_nvd_sUU
cvss3_nvd_cHH
cvss3_nvd_iHH
cvss3_nvd_aHH
cve_assigned15831072001583107200
cve_nvd_summaryAdobe After Effects versions 17.1 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .Adobe After Effects versions 17.1 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .
confirm_urlhttps://helpx.adobe.com/security/products/after_effects/apsb20-35.html

Interested in the pricing of exploits?

See the underground prices here!