Total
68 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-9731 | 2 Adobe, Apple | 2 Indesign, Macos | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user. | |||||
CVE-2020-9729 | 2 Adobe, Apple | 2 Indesign, Macos | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user. | |||||
CVE-2019-7107 | 3 Adobe, Apple, Microsoft | 3 Indesign, Mac Os X, Windows | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability. Successful exploitation could lead to arbitrary code execution. Fixed in versions 13.1.1 and 14.0.2. | |||||
CVE-2018-4928 | 3 Adobe, Apple, Microsoft | 3 Indesign, Mac Os X, Windows | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
Adobe InDesign versions 13.0 and below have an exploitable Memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
CVE-2018-4927 | 3 Adobe, Apple, Microsoft | 3 Indesign, Mac Os X, Windows | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
Adobe InDesign versions 13.0 and below have an exploitable Untrusted Search Path vulnerability. Successful exploitation could lead to local privilege escalation. | |||||
CVE-2017-11302 | 1 Adobe | 1 Indesign | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered in Adobe InDesign 12.1.0 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2016-7886 | 3 Adobe, Apple, Microsoft | 4 Indesign, Indesign Server, Macos and 1 more | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
Adobe InDesign version 11.4.1 and earlier, Adobe InDesign Server 11.0.0 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2006-0525 | 1 Adobe | 9 Acrobat, Acrobat Reader, Creative Suite and 6 more | 2024-02-04 | 4.6 MEDIUM | N/A |
Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs. |