ID CVE-2020-9728
Summary A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:indesign:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:4.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:5.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:5.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:7.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:7.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:7.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:7.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:7.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:7.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:7.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:7.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:7.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:7.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:7.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:7.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:8.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:8.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:8.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:8.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:8.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:9.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:9.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:9.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:9.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:9.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:9.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:9.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:9.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:9.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:9.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:11.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:11.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:11.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:11.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:11.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:11.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:11.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:11.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:11.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:11.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:11.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:11.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:12.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:12.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:13.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:13.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:13.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:13.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:13.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:13.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:14.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:14.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:indesign:15.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:indesign:15.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 14-09-2021 - 17:31)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
misc https://helpx.adobe.com/security/products/indesign/apsb20-52.html
Last major update 14-09-2021 - 17:31
Published 10-09-2020 - 19:15
Last modified 14-09-2021 - 17:31
Back to Top