Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious file into the search path, which the application might execute instead of the legitimate file. This could occur when the application uses a search path to locate executables or libraries. Exploitation of this issue requires user interaction, attack complexity is high.
Metrics
Affected Vendors & Products
References
History
Tue, 03 Dec 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Adobe
Adobe premiere Pro Apple Apple macos Microsoft Microsoft windows |
|
CPEs | cpe:2.3:a:adobe:premiere_pro:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Adobe
Adobe premiere Pro Apple Apple macos Microsoft Microsoft windows |
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-07-09T19:06:50.067Z
Updated: 2024-08-02T02:42:59.955Z
Reserved: 2024-04-30T19:50:50.908Z
Link: CVE-2024-34123
Vulnrichment
Updated: 2024-08-02T02:42:59.955Z
NVD
Status : Analyzed
Published: 2024-07-09T19:15:11.493
Modified: 2024-12-03T14:35:59.150
Link: CVE-2024-34123
Redhat
No data.