Access of Resource Using Incompatible Type (‘Type Confusion’) (CWE-843<\/a>)<\/td> Arbitrary code execution<\/td> Critical<\/td> 8.6<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:C\/C:H\/I:H\/A:H<\/td> CVE-2024-45112<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\nCVE-2024-45112 was reported by an anonymous researcher and the researcher Haifei Li of EXPMON and Check Point Research reported the\u00a0flaw CVE-2024-41869.<\/gwmw><\/p>\n\n\n\n
The company also fixed the following critical flaws<\/a> in Photoshop<\/p>\n\n\n\n
Vulnerability Category<\/strong><\/th> Vulnerability Impact<\/strong><\/th> Severity<\/strong><\/th> CVSS base score<\/strong> <\/th> CVSS vector<\/strong><\/a><\/th> CVE Number<\/strong><\/th><\/tr> Heap-based Buffer Overflow (CWE-122<\/a>)<\/td> Arbitrary code execution<\/td> Critical<\/td> 7.8<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H<\/td> CVE-2024-43756<\/td><\/tr> Out-of-bounds Write (CWE-787<\/a>)<\/td> Arbitrary code execution<\/td> Critical<\/td> 7.8<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H<\/td> CVE-2024-43760<\/td><\/tr> Out-of-bounds Write (CWE-787<\/a>)<\/td> Arbitrary code execution<\/td> Critical<\/td> 7.8<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H<\/td> CVE-2024-45108<\/td><\/tr> Out-of-bounds Write (CWE-787<\/a>)<\/td> Arbitrary code execution<\/td> Critical<\/td> 7.8<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H<\/td> CVE-2024-45109<\/td><\/tr> Out-of-bounds Read (CWE-125<\/a>)<\/td> Memory leak<\/td> Important<\/td> 5.5<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N<\/td> CVE-2024-45110<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\nand in the Illustrator software<\/p>\n\n\n\n
Vulnerability Category<\/th> Vulnerability Impact<\/th> Severity<\/th> CVSS base score<\/strong> <\/th> CVSS vector<\/strong><\/a><\/th> CVE Numbers<\/th><\/tr> Integer Underflow (Wrap or Wraparound) (CWE-191<\/a>)<\/td> Arbitrary code execution<\/td> Critical<\/td> 7.8<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H<\/td> CVE-2024-41857<\/td><\/tr> Integer Overflow or Wraparound (CWE-190<\/a>)<\/td> Arbitrary code execution<\/td> Critical<\/td> 7.8<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H<\/td> CVE-2024-34121<\/td><\/tr> Improper Input Validation (CWE-20<\/a>)<\/td> Arbitrary code execution<\/td> Critical<\/td> 7.8<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H<\/td> CVE-2024-41856<\/td><\/tr> Out-of-bounds Write (CWE-787<\/a>)<\/td> Arbitrary code execution<\/td> Critical<\/td> 7.8<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H<\/td> CVE-2024-45114<\/td><\/tr> Use After Free (CWE-416<\/a>)<\/td> Arbitrary code execution<\/td> Critical<\/td> 7.8<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H<\/td> CVE-2024-43758<\/td><\/tr> Out-of-bounds Read (CWE-125<\/a>)<\/td> Memory leak<\/td> Important<\/td> 5.5<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N<\/td> CVE-2024-45111<\/td><\/tr> NULL Pointer Dereference (CWE-476<\/a>)<\/td> Application denial-of-service<\/td> Moderate<\/td> 3.3<\/td> CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:L<\/td> CVE-2024-43759<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\nFollow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n
Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n
(<\/strong> SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, Adobe<\/a>)<\/strong><\/gwmw><\/p>\n","protected":false},"excerpt":{"rendered":"
Adobe addressed tens of vulnerabilities, including critical issues that could allow attackers to execute arbitrary code on Windows and macOS. Adobe Patch Tuesday security updates addressed multiple vulnerabilities in its products, including critical flaws that could allow attackers to execute arbitrary code on Windows and macOS systems. The most severe vulnerabilities are two critical memory […]<\/p>\n","protected":false},"author":1,"featured_media":107434,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3323,55],"tags":[4112,9508,9506,10918,687,841,1533],"class_list":["post-168313","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking-news","category-security","tag-hacking","tag-hacking-news","tag-information-security-news","tag-it-information-security","tag-pierluigi-paganini","tag-security-affairs","tag-security-news"],"yoast_head":"\n杭州江阴科强工业胶带有限公司