CVE-2011-0615Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Audition

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
9.3CRITICALNVD
EPSS
8.0%
top 7.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Audition
Timeline
PublishedMay 16
Latest updateMay 17

Description

Multiple buffer overflows in Adobe Audition 3.0.1 and earlier allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted data in unspecified fields in the TRKM chunk in an Audition Session (aka .ses) file, related to inconsistent use of character data types.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDadobe/audition3.0.1+1

🔴Vulnerability Details

2
GHSA
GHSA-x737-xpxp-6ggm: Multiple buffer overflows in Adobe Audition 32022-05-17
CVEList
CVE-2011-0615: Multiple buffer overflows in Adobe Audition 32011-05-16

🔍Detection Rules

1
Suricata
ET WEB_CLIENT Adobe Audition Malformed Session File Buffer Overflow Attempt2011-06-09
CVE-2011-0615 — Adobe Audition vulnerability | cvebase