1. CVE-Search
  2. CVE-2020-9674
ID CVE-2020-9674
Summary Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:bridge:-:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:-:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:bridge:10.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:bridge:10.0.3:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 31-03-2022 - 01:55)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
confirm https://helpx.adobe.com/security/products/bridge/apsb20-44.html
misc https://www.zerodayinitiative.com/advisories/ZDI-20-913/
Last major update 31-03-2022 - 01:55
Published 22-07-2020 - 20:15
Last modified 31-03-2022 - 01:55
Back to Top