VYPR
Unrated severityNVD Advisory· Published Mar 11, 2025· Updated Mar 11, 2025

InDesign Desktop | NULL Pointer Dereference (CWE-476)

CVE-2025-27176

Description

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected products

2
  • Adobe Inc./Indesignllm-fuzzy2 versions
    <= ID20.1+ 1 more
    • (no CPE)range: <= ID20.1
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.