admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2023/47xxx/CVE-2023-47054.json

113 lines
4.4 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2023-10-30 17:00:33 +00:00
{
"-Synchronized-Data."
2023-11-16 16:00:35 +00:00
"data_version": "4.0",
"-Synchronized-Data."
2023-10-30 17:00:33 +00:00
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-47054",
"-Synchronized-Data."
2023-11-16 16:00:35 +00:00
"ASSIGNER": "psirt@adobe.com",
"STATE": "PUBLIC"
"-Synchronized-Data."
2023-10-30 17:00:33 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2023-11-16 16:00:35 +00:00
"value": "Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Uninitialized Pointer (CWE-824)",
"cweId": "CWE-824"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Adobe",
"product": {
"product_data": [
{
"product_name": "Audition",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "23.6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/audition/apsb23-64.html",
"refsource": "MISC",
"name": "https://helpx.adobe.com/security/products/audition/apsb23-64.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"-Synchronized-Data."
2023-12-04 17:00:33 +00:00
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"-Synchronized-Data."
2023-11-16 16:00:35 +00:00
"confidentialityRequirement": "NOT_DEFINED",
"-Synchronized-Data."
2023-12-04 17:00:33 +00:00
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"-Synchronized-Data."
2023-11-16 16:00:35 +00:00
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"-Synchronized-Data."
2023-12-04 17:00:33 +00:00
"modifiedConfidentialityImpact": "HIGH",
"-Synchronized-Data."
2023-11-16 16:00:35 +00:00
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"-Synchronized-Data."
2023-12-04 17:00:33 +00:00
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"-Synchronized-Data."
2023-11-16 16:00:35 +00:00
"userInteraction": "REQUIRED",
"-Synchronized-Data."
2023-12-04 17:00:33 +00:00
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"-Synchronized-Data."
2023-11-16 16:00:35 +00:00
"version": "3.1"
"-Synchronized-Data."
2023-10-30 17:00:33 +00:00
}
]
}
}
Reference in New Issue Copy Permalink