Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious path into the search directories, which the application could unknowingly execute. This could allow the attacker to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/framemaker/apsb24-82.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
18 Oct 2024, 14:14
Type | Values Removed | Values Added |
---|---|---|
First Time |
Adobe
Adobe framemaker Microsoft windows Microsoft |
|
References | () https://helpx.adobe.com/security/products/framemaker/apsb24-82.html - Vendor Advisory | |
CPE | cpe:2.3:a:adobe:framemaker:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
10 Oct 2024, 12:51
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
09 Oct 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-09 15:15
Updated : 2024-10-18 14:14
NVD link : CVE-2024-47422
Mitre link : CVE-2024-47422
CVE.ORG link : CVE-2024-47422
JSON object : View
Products Affected
microsoft
- windows
adobe
- framemaker
CWE
CWE-426
Untrusted Search Path