Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Metrics
Affected Vendors & Products
References
History
Thu, 12 Dec 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
Mon, 16 Sep 2024 11:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple
Apple macos Microsoft Microsoft windows |
|
CPEs | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Apple
Apple macos Microsoft Microsoft windows |
Fri, 13 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Adobe
Adobe media Encoder |
|
CPEs | cpe:2.3:a:adobe:media_encoder:*:*:*:*:*:*:*:* | |
Vendors & Products |
Adobe
Adobe media Encoder |
|
Metrics |
ssvc
|
Fri, 13 Sep 2024 07:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |
Title | Media Encoder | Out-of-bounds Read (CWE-125) | |
Weaknesses | CWE-125 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-09-13T07:00:17.433Z
Updated: 2024-12-12T17:26:59.468Z
Reserved: 2024-07-22T17:16:40.942Z
Link: CVE-2024-41871
Vulnrichment
Updated: 2024-09-13T14:09:34.023Z
NVD
Status : Modified
Published: 2024-09-13T07:15:04.097
Modified: 2024-12-12T18:15:24.320
Link: CVE-2024-41871
Redhat
No data.