CVE-2024-47459 — NULL Pointer Dereference in Adobe Substance 3D Sampler

CWE-476 — NULL Pointer Dereference3 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 70.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Substance 3D Sampler Adobe Substance3d Sampler

Timeline

PublishedOct 17

Description

Substance3D - Sampler versions 4.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDadobe/substance_3d_sampler< 4.5.1

▶CVEListV5adobe/substance3d_sampler4.5

🔴Vulnerability Details

CVEList

Substance3D - Sampler | NULL Pointer Dereference (CWE-476)↗2024-10-17

▶

GHSA

GHSA-2822-72rm-gg4h: Substance3D - Sampler versions 4↗2024-10-17

▶