CVE-2022-28842

Description

Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Related CPE's

aadobebridge********

omicrosoftwindows-*******

oapplemacos-*******

References

https://helpx.adobe.com/security/products/bridge/apsb22-25.html

PatchVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

COMPLETE

AvailabilityImpact

COMPLETE

IntegrityImpact

COMPLETE

BaseScore

9.300000190734863

VectorString

AV:N/AC:M/Au:N/C:C/I:C/A:C

Version

2.0

AccessVector

NETWORK

Authentication

NONE

Created by Yello
About Severity.io