VYPR
Unrated severityNVD Advisory· Published Sep 10, 2020· Updated Sep 17, 2024

FrameMaker File Parsing Stack-based Buffer Overflow

CVE-2020-9725

Description

Adobe FrameMaker version 2019.0.6 (and earlier versions) lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. This could be exploited to execute arbitrary code with the privileges of the current user. User interaction is required to exploit this vulnerability in that the target must open a malicious FrameMaker file.

Affected products

2
  • Adobe Inc./Framemakerllm-fuzzy2 versions
    <=2019.0.6+ 1 more
    • (no CPE)range: <=2019.0.6
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.