Unrated severityNVD Advisory· Published Aug 14, 2024· Updated Nov 16, 2024
ZDI-CAN-24055: Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
CVE-2024-39388
Description
Substance3D - Stager versions 3.0.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Affected products
1- Range: 0
Patches
Vulnerability mechanics
References
1- helpx.adobe.com/security/products/substance3d_stager/apsb24-60.htmmitrevendor-advisory
News mentions
0No linked articles in our index yet.