Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Base Score: 7.8 HIGH
https://helpx.adobe.com/security/products/indesign/apsb23-07.html
_____________________________________________________________________
Description
Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Base Score: 7.8 HIGH
https://helpx.adobe.com/security/products/indesign/apsb23-07.html
__________________________________________________________
Description
Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Base Score: 7.8 HIGH
https://helpx.adobe.com/security/products/indesign/apsb23-07.html
_____________________________________________________________
Description
Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Base Score: 7.3 HIGH
https://helpx.adobe.com/security/products/incopy/apsb23-08.html
CVE-2023-21801 Description Microsoft PostScript Printer Driver Remote Code Execution Vulnerability Base Score: 7.8 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21801 CVE-2023-21777 Description Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability Base Score: 8.7 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21777 CVE-2023-21718 Description Microsoft SQL ODBC Driver Remote Code Execution Vulnerability Base Score: 7.8 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21718 CVE-2023-21707 Description Microsoft Exchange Server Remote […]
CVE-2020-14349 Description It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication. Base Score: 7.1 […]
CVE-2020-7346 Description Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker’s choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL […]
Leave a Reply