CVE-2020-9726Out-of-bounds Read in Adobe Framemaker

CWE-125Out-of-bounds Read3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
2.9%
top 13.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Framemaker
Timeline
PublishedSep 10
Latest updateMay 24

Description

Adobe FrameMaker version 2019.0.6 (and earlier versions) has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious FrameMaker file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:LExploitability: 1.8 | Impact: 4.2

Affected Packages2 packages

CVEListV5adobe/framemakerunspecified2019.0.6+1
NVDadobe/framemaker2019.0.6

Patches

Patch: helpx.adobe.comPatch: helpx.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-qc3j-p935-x73x: Adobe FrameMaker version 20192022-05-24
CVEList
FrameMaker File Parsing Out-Of-Bounds Read Vulnerability2020-09-10
CVE-2020-9726 — Out-of-bounds Read in Adobe Framemaker | cvebase