admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2023/44xxx/CVE-2023-44328.json

113 lines
4.3 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2023-09-28 17:00:33 +00:00
{
"-Synchronized-Data."
2023-11-16 15:00:34 +00:00
"data_version": "4.0",
"-Synchronized-Data."
2023-09-28 17:00:33 +00:00
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-44328",
"-Synchronized-Data."
2023-11-16 15:00:34 +00:00
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
"-Synchronized-Data."
2023-09-28 17:00:33 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2023-11-16 15:00:34 +00:00
"value": "Adobe Bridge versions 13.0.4 (and earlier) and 14.0.0 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "Bridge",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "14.0.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/bridge/apsb23-57.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/bridge/apsb23-57.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"-Synchronized-Data."
2023-12-04 16:00:34 +00:00
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"-Synchronized-Data."
2023-11-16 15:00:34 +00:00
"confidentialityRequirement": "NOT_DEFINED",
"-Synchronized-Data."
2023-12-04 16:00:34 +00:00
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"-Synchronized-Data."
2023-11-16 15:00:34 +00:00
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"-Synchronized-Data."
2023-12-04 16:00:34 +00:00
"modifiedConfidentialityImpact": "HIGH",
"-Synchronized-Data."
2023-11-16 15:00:34 +00:00
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"-Synchronized-Data."
2023-12-04 16:00:34 +00:00
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"-Synchronized-Data."
2023-11-16 15:00:34 +00:00
"userInteraction": "REQUIRED",
"-Synchronized-Data."
2023-12-04 16:00:34 +00:00
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"-Synchronized-Data."
2023-11-16 15:00:34 +00:00
"version": "3.1"
"-Synchronized-Data."
2023-09-28 17:00:33 +00:00
}
]
}
}
Reference in New Issue Copy Permalink