CVE-2024-41836 (GCVE-0-2024-41836)
Vulnerability from
Published
2024-07-23 11:34
Modified
2024-12-12 17:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-476 - NULL Pointer Dereference ()
Summary
InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe | InDesign Desktop |
Version: 0 ≤ ID19.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41836",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T13:25:30.034034Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T16:09:25.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:46:52.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/indesign/apsb24-48.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "InDesign Desktop",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "ID19.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-07-09T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "NONE",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-12T17:23:38.982Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/indesign/apsb24-48.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "InDesign Desktop | NULL Pointer Dereference (CWE-476)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-41836",
"datePublished": "2024-07-23T11:34:55.471Z",
"dateReserved": "2024-07-22T17:16:40.934Z",
"dateUpdated": "2024-12-12T17:23:38.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30314 (GCVE-0-2024-30314)
Vulnerability from
Published
2024-05-16 11:36
Modified
2024-12-12 17:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') ()
Summary
Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does require user interaction.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe | Dreamweaver Desktop |
Version: 0 ≤ 21.3 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:dreamweaver:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dreamweaver",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "21.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30314",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T13:56:18.684127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:38:32.709Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:07.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/dreamweaver/apsb24-39.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Dreamweaver Desktop",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does require user interaction."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) (CWE-78)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-12T17:22:09.719Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/dreamweaver/apsb24-39.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Dreamweaver Desktop | Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) (CWE-78)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30314",
"datePublished": "2024-05-16T11:36:01.484Z",
"dateReserved": "2024-03-26T16:04:09.510Z",
"dateUpdated": "2024-12-12T17:22:09.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4149 (GCVE-0-2022-4149)
Vulnerability from
Published
2023-06-15 06:44
Modified
2024-12-12 17:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Summary
The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\SYSTEM which writes log files to a writable directory (C:\Users\Public\netSkope) for a standard user. The files are created and written with a SYSTEM account except one file (logplaceholder) which inherits permission giving all users full access control list. Netskope client restricts access to this file by allowing only read permissions as a standard user. Whenever the Netskope client service restarts, it deletes the logplaceholder and recreates, creating a race condition, which can be exploited by a malicious local user to create the file and set ACL permissions on the file. Once the file is created by a malicious user with proper ACL permissions, all files within C:\Users\Public\netSkope\ becomes modifiable by the unprivileged user. By using Windows pseudo-symlink, these files can be pointed to other places in the system and thus malicious users will be able to elevate privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Netskope | Netskope Client |
Version: 95, 0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:27:54.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2023-002"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4149",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-12T17:04:43.872061Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-12T17:05:07.261Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Netskope Client",
"vendor": "Netskope",
"versions": [
{
"status": "affected",
"version": "95, 0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Netskope credits Dawson Medin from Mandiant for reporting this flaw."
}
],
"datePublic": "2023-06-15T06:24:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\\SYSTEM which writes log files to a writable directory (C:\\Users\\Public\\netSkope) for a standard user. The files are created and written with a SYSTEM account except one file (logplaceholder) which inherits permission giving all users full access control list. Netskope client restricts access to this file by allowing only read permissions as a standard user. Whenever the Netskope client service restarts, it deletes the logplaceholder and recreates, creating a race condition, which can be exploited by a malicious local user to create the file and set ACL permissions on the file. Once the file is created by a malicious user with proper ACL permissions, all files within C:\\Users\\Public\\netSkope\\ becomes modifiable by the unprivileged user. By using Windows pseudo-symlink, these files can be pointed to other places in the system and thus malicious users will be able to elevate privileges.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\\SYSTEM which writes log files to a writable directory (C:\\Users\\Public\\netSkope) for a standard user. The files are created and written with a SYSTEM account except one file (logplaceholder) which inherits permission giving all users full access control list. Netskope client restricts access to this file by allowing only read permissions as a standard user. Whenever the Netskope client service restarts, it deletes the logplaceholder and recreates, creating a race condition, which can be exploited by a malicious local user to create the file and set ACL permissions on the file. Once the file is created by a malicious user with proper ACL permissions, all files within C:\\Users\\Public\\netSkope\\ becomes modifiable by the unprivileged user. By using Windows pseudo-symlink, these files can be pointed to other places in the system and thus malicious users will be able to elevate privileges.\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eNetskope is not aware of any public disclosure and exploitation of this vulnerability at the time of publication.\u0026nbsp;\u003c/p\u003e"
}
],
"value": "Netskope is not aware of any public disclosure and exploitation of this vulnerability at the time of publication.\u00a0\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-15T06:44:27.310Z",
"orgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc",
"shortName": "Netskope"
},
"references": [
{
"url": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2023-002"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetskope has patched the vulnerability and released a binary with a fix. Customers are recommended to upgrade their Netskope clients to v100 or later. Netskope download Instructions \u2013 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.netskope.com/s/article/Download-Netskope-Client-and-Scripts\"\u003eDownload Netskope Client and Scripts \u2013 Netskope Support\u003c/a\u003e\u003cbr\u003e"
}
],
"value": "Netskope has patched the vulnerability and released a binary with a fix. Customers are recommended to upgrade their Netskope clients to v100 or later. Netskope download Instructions \u2013 Download Netskope Client and Scripts \u2013 Netskope Support https://support.netskope.com/s/article/Download-Netskope-Client-and-Scripts \n"
}
],
"source": {
"advisory": "NSKPSA-2023-002",
"defect": [
"NSKPSA-2023-002"
],
"discovery": "EXTERNAL"
},
"title": "Local privilege escalation using log file",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Netskope recommends using hardening guidelines listed here -\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u2013 \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.netskope.com/en/netskope-client-hardening.html\"\u003ehttps://docs.netskope.com/en/netskope-client-hardening.html\u003c/a\u003e\u0026nbsp;\u003cbr\u003e"
}
],
"value": "Netskope recommends using hardening guidelines listed here -\u00a0\u2013 https://docs.netskope.com/en/netskope-client-hardening.html https://docs.netskope.com/en/netskope-client-hardening.html \u00a0\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc",
"assignerShortName": "Netskope",
"cveId": "CVE-2022-4149",
"datePublished": "2023-06-15T06:44:25.434Z",
"dateReserved": "2022-11-28T12:19:11.243Z",
"dateUpdated": "2024-12-12T17:05:07.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29542 (GCVE-0-2023-29542)
Vulnerability from
Published
2023-06-19 10:03
Modified
2024-12-11 15:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Bypass of file download extension restrictions
Summary
A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code.
*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Version: unspecified < 112 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:14:38.959Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810793"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1815062"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-14/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-15/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-29542",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T15:45:52.899951Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T15:47:00.715Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "112",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "102.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "102.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Shaheen Fazim and Ameen Basha M K"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code.\u003c/p\u003e\u003cp\u003e*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox\u0026nbsp;and Thunderbird are unaffected.* This vulnerability affects Firefox \u0026lt; 112, Firefox ESR \u0026lt; 102.10, and Thunderbird \u0026lt; 102.10.\u003c/p\u003e"
}
],
"value": "A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code.\n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox\u00a0and Thunderbird are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Bypass of file download extension restrictions",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-19T10:04:30.935Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810793"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1815062"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-15/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-29542",
"datePublished": "2023-06-19T10:03:32.039Z",
"dateReserved": "2023-04-07T19:49:37.877Z",
"dateUpdated": "2024-12-11T15:47:00.715Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29532 (GCVE-0-2023-29532)
Vulnerability from
Published
2023-06-19 09:58
Modified
2024-12-11 15:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Mozilla Maintenance Service Write-lock bypass
Summary
A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.
*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Version: unspecified < 112 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:14:38.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1806394"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-14/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-15/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-29532",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T15:43:12.550689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T15:44:37.402Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "112",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "102.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "102.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Holger Fuhrmannek"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.\u003c/p\u003e\u003cp\u003e*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u0026lt; 112, Firefox ESR \u0026lt; 102.10, and Thunderbird \u0026lt; 102.10.\u003c/p\u003e"
}
],
"value": "A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.\n\n*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Mozilla Maintenance Service Write-lock bypass",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-19T09:59:42.627Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1806394"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-15/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-29532",
"datePublished": "2023-06-19T09:58:03.748Z",
"dateReserved": "2023-04-07T19:49:37.876Z",
"dateUpdated": "2024-12-11T15:44:37.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-52537 (GCVE-0-2024-52537)
Vulnerability from
Published
2024-12-11 07:26
Modified
2024-12-11 15:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-61 - UNIX Symbolic Link (Symlink) Following
Summary
Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | Dell Client Platform BIOS |
Version: N/A ≤ Version: N/A ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52537",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T15:32:58.624878Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T15:33:08.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Dell Client Platform BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.00.44, 1.00.28",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.00.23,1.00.28",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank Sandro Poppi for reporting this issue"
}
],
"datePublic": "2024-12-10T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges."
}
],
"value": "Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T07:26:36.371Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000227591/dsa-2024-351"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-52537",
"datePublished": "2024-12-11T07:26:36.371Z",
"dateReserved": "2024-11-12T06:04:07.775Z",
"dateUpdated": "2024-12-11T15:33:08.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-49546 (GCVE-0-2024-49546)
Vulnerability from
Published
2024-12-10 20:51
Modified
2024-12-11 14:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read ()
Summary
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe | InDesign Desktop |
Version: 0 ≤ ID18.5.4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49546",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T14:40:00.713491Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T14:51:15.172Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "InDesign Desktop",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "ID18.5.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-12-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T20:51:07.311Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "InDesign Desktop | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-49546",
"datePublished": "2024-12-10T20:51:07.311Z",
"dateReserved": "2024-10-15T15:35:47.037Z",
"dateUpdated": "2024-12-11T14:51:15.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-49549 (GCVE-0-2024-49549)
Vulnerability from
Published
2024-12-10 20:51
Modified
2024-12-11 14:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read ()
Summary
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe | InDesign Desktop |
Version: 0 ≤ ID18.5.4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49549",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T14:39:58.260164Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T14:51:04.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "InDesign Desktop",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "ID18.5.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-12-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T20:51:08.085Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "InDesign Desktop | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-49549",
"datePublished": "2024-12-10T20:51:08.085Z",
"dateReserved": "2024-10-15T15:35:47.038Z",
"dateUpdated": "2024-12-11T14:51:04.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23472 (GCVE-0-2023-23472)
Vulnerability from
Published
2024-12-11 12:14
Modified
2024-12-11 14:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-497 - Exposure of System Data to an Unauthorized Control Sphere
Summary
IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | InfoSphere Information Server |
Version: 11.7 cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23472",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T14:43:37.611354Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T14:43:47.950Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "InfoSphere Information Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "11.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.\u003c/span\u003e"
}
],
"value": "IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497 Exposure of System Data to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T12:14:54.975Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/6988167"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM InfoSphere Information Server information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2023-23472",
"datePublished": "2024-12-11T12:14:54.975Z",
"dateReserved": "2023-01-12T16:24:46.603Z",
"dateUpdated": "2024-12-11T14:43:47.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-49548 (GCVE-0-2024-49548)
Vulnerability from
Published
2024-12-10 20:51
Modified
2024-12-10 21:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read ()
Summary
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe | InDesign Desktop |
Version: 0 ≤ ID18.5.4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49548",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-10T21:26:58.501004Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T21:27:08.288Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "InDesign Desktop",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "ID18.5.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-12-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T20:51:09.654Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "InDesign Desktop | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-49548",
"datePublished": "2024-12-10T20:51:09.654Z",
"dateReserved": "2024-10-15T15:35:47.038Z",
"dateUpdated": "2024-12-10T21:27:08.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
displaying 1821 - 1830 organizations in total 1855