June 27, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Microsoft Windows Products Vulnerabilities
May 20, 2024
Multiple Adobe Products Vulnerabilities
May 20, 2024
Multiple Microsoft Windows Products Vulnerabilities
May 20, 2024
Multiple Adobe Products Vulnerabilities
May 20, 2024
Severity
Medium
Analysis Summary
CVE-2024-30283 CVSS:5.5
Adobe FrameMaker could allow a remote attacker to obtain sensitive information, caused by a memory leak due to an out-of-bounds read flaw. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-30286 CVSS:5.5
Adobe FrameMaker could allow a remote attacker to obtain sensitive information, caused by a memory leak due to an out-of-bounds read flaw. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-30290 CVSS:7.8
Adobe FrameMaker could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.
CVE-2024-30292 CVSS:7.8
Adobe FrameMaker could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.
CVE-2024-30289 CVSS:7.8
Adobe FrameMaker is vulnerable to a buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code on the system with the privileges of the victim or cause the application to crash.
CVE-2024-30288 CVSS:7.8
Adobe FrameMaker is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code on the system with the privileges of the victim or cause the application to crash.
CVE-2024-30287 CVSS:5.5
Adobe FrameMaker could allow a remote attacker to obtain sensitive information, caused by a memory leak due to an out-of-bounds read flaw. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-30291 CVSS:7.8
Adobe FrameMaker could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.
Impact
- Information Disclosure
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-30283
- CVE-2024-30286
- CVE-2024-30290
- CVE-2024-30292
- CVE-2024-30289
- CVE-2024-30288
- CVE-2024-30287
- CVE-2024-30291
Affected Vendors
Adobe
Affected Products
- Adobe FrameMaker 2022 3
- Adobe FrameMaker 2020 5
Remediation
Refer to Adobe Security Advisory for patch, upgrade or suggested workaround information.