CVE-2024-39395

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 14, 2024

Updated: Aug 19, 2024

CWE ID 476

Summary

CVE-2024-39395 is a newly disclosed vulnerability affecting Adobe InDesign Desktop versions ID19.4 and ID18.5.2, and older releases. This issue involves a NULL Pointer Dereference vulnerability, which an attacker can exploit to cause an application denial-of-service (DoS) condition. To execute this attack, the attacker needs the victim to open a specially crafted file, making user interaction a prerequisite for exploitation. This vulnerability could lead to unwanted downtime or disruptions for affected users.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Indesign CS
Adobe InDesign

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wowBmz
https://www.cve.org/CVERecord?id=CVE-2024-39395
https://nvd.nist.gov/vuln/detail/CVE-2024-39395

Back to Vulnerability Database