InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. An attacker could exploit this vulnerability by uploading a malicious file which can then be executed on the server. Exploitation of this issue requires user interaction.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/incopy/apsb24-79.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
18 Oct 2024, 14:20
Type | Values Removed | Values Added |
---|---|---|
First Time |
Adobe
Microsoft windows Adobe incopy Apple macos Apple Microsoft |
|
References | () https://helpx.adobe.com/security/products/incopy/apsb24-79.html - Vendor Advisory | |
CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:adobe:incopy:*:*:*:*:*:*:*:* |
10 Oct 2024, 12:51
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
09 Oct 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-09 15:15
Updated : 2024-10-18 14:20
NVD link : CVE-2024-45136
Mitre link : CVE-2024-45136
CVE.ORG link : CVE-2024-45136
JSON object : View
Products Affected
apple
- macos
adobe
- incopy
microsoft
- windows
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type