ID CVE-2020-9564
Summary Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:bridge:-:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:-:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 29-06-2020 - 15:00)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
confirm https://helpx.adobe.com/security/products/bridge/apsb20-19.html
Last major update 29-06-2020 - 15:00
Published 26-06-2020 - 21:15
Last modified 29-06-2020 - 15:00
Back to Top