CVE-2023-29308

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 12, 2023

Updated: Jul 19, 2023

CWE ID 787

Summary

CVE-2023-29308 is a newly disclosed vulnerability affecting Adobe InDesign versions ID18.3 and earlier, as well as ID17.4.1 and earlier. This issue represents an out-of-bounds write vulnerability, allowing a maliciously crafted file to trigger arbitrary code execution within the affected software. The exploitation of this weakness necessitates user interaction, specifically opening the malicious file to compromise the system in the context of the current user.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe InDesign

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r9L4XI
https://www.cve.org/CVERecord?id=CVE-2023-29308
https://nvd.nist.gov/vuln/detail/CVE-2023-29308

Back to Vulnerability Database