Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does require user interaction.
Metrics
Affected Vendors & Products
References
History
Thu, 12 Dec 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | Git local configuration leading to Arbitrary Code Execution upon opening .ste file | Dreamweaver Desktop | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) |
Metrics |
cvssV3_1
|
cvssV3_1
|
Tue, 03 Dec 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple
Apple macos Microsoft Microsoft windows |
|
CPEs | cpe:2.3:a:adobe:dreamweaver:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Apple
Apple macos Microsoft Microsoft windows |
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-05-16T11:36:01.484Z
Updated: 2024-12-12T17:22:09.719Z
Reserved: 2024-03-26T16:04:09.510Z
Link: CVE-2024-30314
Vulnrichment
Updated: 2024-08-02T01:32:07.020Z
NVD
Status : Analyzed
Published: 2024-05-16T12:15:13.280
Modified: 2024-12-12T21:10:42.107
Link: CVE-2024-30314
Redhat
No data.