InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
History

Mon, 02 Dec 2024 22:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Microsoft
Microsoft windows
CPEs cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Microsoft
Microsoft windows

Fri, 09 Aug 2024 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Adobe
Adobe indesign
CPEs cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*
Vendors & Products Adobe
Adobe indesign
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2024-08-02T06:47:07.019Z

Updated: 2024-08-09T15:28:26.947Z

Reserved: 2024-06-24T20:32:06.590Z

Link: CVE-2024-39396

cve-icon Vulnrichment

Updated: 2024-08-09T15:28:20.912Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-02T07:16:09.270

Modified: 2024-12-02T22:17:32.997

Link: CVE-2024-39396

cve-icon Redhat

No data.