Severity
Medium
Analysis Summary
CVE-2024-41872 CVSS:5.5
Adobe Media Encoder could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-45111 CVSS:5.5
Adobe Illustrator could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-45107 CVSS:5.5
Adobe Acrobat and Adobe Reader could allow a remote attacker to obtain sensitive information, caused by a use-after-free error. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
Impact
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-41872
- CVE-2024-45111
- CVE-2024-45107
Affected Vendors
Affected Products
- Adobe Illustrator 2023 - 27.9.5
- Adobe Illustrator 2024 - 28.6
- Adobe Media Encoder 24.5
- Adobe Media Encoder 23.6.8
- Adobe Acrobat Reader - 0
- Adobe Media Encoder - 0
- Adobe Illustrator - 0
- Adobe Acrobat DC - 24.002.20991
- Adobe Acrobat 2024 - 24.001.30123
- Adobe Acrobat Reader 2020 - 20.005.30636
- Adobe Acrobat 2020 - 20.005.30636
Remediation
Refer to Adobe Security Advisory for patch, upgrade or suggested workaround information.