CVE-2025-27185

After Effects versions 25.1, 24.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

18 Apr 2025, 14:38

Type Values Removed Values Added
References () https://helpx.adobe.com/security/products/after_effects/apsb25-23.html - () https://helpx.adobe.com/security/products/after_effects/apsb25-23.html - Vendor Advisory
First Time Microsoft
Adobe after Effects
Adobe
Apple macos
Microsoft windows
Apple
CPE cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

09 Apr 2025, 20:03

Type Values Removed Values Added
Summary
  • (es) Las versiones 25.1, 24.6.4 y anteriores de After Effects se ven afectadas por una vulnerabilidad de desreferencia de puntero nulo que podría provocar una denegación de servicio (DSP) en la aplicación. Un atacante podría explotar esta vulnerabilidad para bloquear la aplicación y provocar una DSP. Para explotar este problema, es necesario que la víctima abra un archivo malicioso.

08 Apr 2025, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-04-08 18:15

Updated : 2025-04-18 14:38


NVD link : CVE-2025-27185

Mitre link : CVE-2025-27185

CVE.ORG link : CVE-2025-27185


JSON object : View

Products Affected

apple

  • macos

microsoft

  • windows

adobe

  • after_effects
CWE
CWE-476

NULL Pointer Dereference