CVE-2022-30656

Description

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Related CPE's

aadobeincopy********

aadobeincopy********

omicrosoftwindows-*******

oapplemacos-*******

References

https://helpx.adobe.com/security/products/incopy/apsb22-29.html

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

COMPLETE

AvailabilityImpact

COMPLETE

IntegrityImpact

COMPLETE

BaseScore

9.300000190734863

VectorString

AV:N/AC:M/Au:N/C:C/I:C/A:C

Version

2.0

AccessVector

NETWORK

Authentication

NONE

Created by Yello
About Severity.io