Unrated severityNVD Advisory· Published Oct 9, 2024· Updated Oct 9, 2024
Substance3D - Stager | Write-what-where Condition (CWE-123)
CVE-2024-45142
Description
Substance3D - Stager versions 3.0.3 and earlier are affected by a Write-what-where Condition vulnerability that could allow an attacker to execute arbitrary code in the context of the current user. This vulnerability allows an attacker to write a controlled value to an arbitrary memory location, potentially leading to code execution. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Affected products
2- Range: <=3.0.3
- Range: 0
Patches
Vulnerability mechanics
References
1- helpx.adobe.com/security/products/substance3d_stager/apsb24-81.htmlmitrevendor-advisory
News mentions
0No linked articles in our index yet.