CVE-2022-27784
published 2022-05-06CVE-2022-27784: Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in After Effects.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | after_effects | <= 18.4.5 | — |
| adobe | after_effects | 22.0 – 22.2.1 | — |
| adobe | after_effects | unspecified – 22.2.1 | — |