InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. An attacker could exploit this vulnerability by uploading a malicious file which can then be executed on the server. Exploitation of this issue requires user interaction.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/incopy/apsb24-79.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
18 Oct 2024, 14:20
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:a:adobe:incopy:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
References | () https://helpx.adobe.com/security/products/incopy/apsb24-79.html - Vendor Advisory | |
First Time |
Adobe incopy
Apple macos Adobe Microsoft windows Microsoft Apple |
10 Oct 2024, 12:51
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
09 Oct 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-09 15:15
Updated : 2024-10-18 14:20
NVD link : CVE-2024-45136
Mitre link : CVE-2024-45136
CVE.ORG link : CVE-2024-45136
JSON object : View
Products Affected
apple
- macos
microsoft
- windows
adobe
- incopy
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type