June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Cisco Products Vulnerabilities
September 17, 2024
Multiple Linux Kernel Vulnerabilities
September 17, 2024
Multiple Cisco Products Vulnerabilities
September 17, 2024
Multiple Linux Kernel Vulnerabilities
September 17, 2024
Severity
Medium
Analysis Summary
CVE-2024-39395 CVSS:5.5
Adobe InDesign is vulnerable to a denial of service, caused by a NULL pointer dereference. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-41866 CVSS:5.5
Adobe InDesign is vulnerable to a denial of service, caused by a NULL pointer dereference. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-45110 CVSS:5.5
Adobe Photoshop could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-41867 CVSS:5.5
Adobe After Effects could allow a remote attacker to obtain sensitive information, caused by a stack-based buffer overflow. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-43759 CVSS:3.3
Adobe Illustrator is vulnerable to a denial of service, caused by a NULL pointer dereference. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-41873 CVSS:5.5
Adobe Media Encoder could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-39385 CVSS:3.3
Adobe Premiere Pro could allow a remote attacker to obtain sensitive information, caused by a use-after-free error. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
Impact
- Denial of Service
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-39395
- CVE-2024-41866
- CVE-2024-45110
- CVE-2024-41867
- CVE-2024-43759
- CVE-2024-41873
- CVE-2024-39385
Affected Vendors
Adobe
Affected Products
- Adobe InDesign Desktop - ID18.5.2
- Adobe InDesign Desktop - ID19.4
- Adobe Photoshop 2023 - 24.7.4
- Adobe Photoshop 2024 - 25.11
- Adobe After Effects - 24.5
- Adobe After Effects - 23.6.6
- Adobe Illustrator 2023 - 27.9.5
- Adobe Illustrator 2024 - 28.6
- Adobe Media Encoder 24.5
- Adobe Media Encoder 23.6.8
- Adobe Premiere Pro 24.5
- Adobe Premiere Pro 23.6.8
Remediation
Refer to Adobe Security Advisory for patch, upgrade or suggested workaround information.
