CVE-2017-11302Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Indesign

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
2.9%
top 13.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Indesign
Timeline
PublishedDec 9
Latest updateMay 14

Description

An issue was discovered in Adobe InDesign 12.1.0 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDadobe/indesign12.1.0

🔴Vulnerability Details

2
GHSA
GHSA-4f88-x3x5-4xc4: An issue was discovered in Adobe InDesign 122022-05-14
CVEList
CVE-2017-11302: An issue was discovered in Adobe InDesign 122017-12-09
CVE-2017-11302 — Adobe Indesign vulnerability | cvebase