CVE-2024-39390

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 14, 2024

Updated: Aug 19, 2024

CWE ID 787

Summary

CVE-2024-39390 is a newly disclosed vulnerability affecting Adobe InDesign Desktop versions ID19.4 and ID18.5.2, and older releases. This out-of-bounds write issue allows an attacker to execute arbitrary code when a user opens a malicious file. The vulnerability could lead to significant security risks, as successful exploitation occurs in the context of the current user. InDesign users are strongly advised to update their software to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Indesign CS
Adobe InDesign

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wovELe
https://www.cve.org/CVERecord?id=CVE-2024-39390
https://nvd.nist.gov/vuln/detail/CVE-2024-39390

Back to Vulnerability Database