Rewterz Threat Alert – Energetic Bear APT Group – Active IOCs
March 9, 2022Rewterz Threat Advisory – CVE-2021-39708 – Google Android Vulnerability
March 10, 2022Severity
High
Analysis Summary
CVE-2022-23187
Adobe Illustrator is vulnerable to a buffer overflow. By persuading a victim to open a specially-crafted document, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVE-2022-24095
Adobe After Effects is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing video files. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code in the context of the current process.
CVE-2022-24096
Adobe After Effects is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing video files. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code in the context of the current process.
CVE-2022-24097
Adobe After Effects is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing video files. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code in the context of the current process
Impact
- Buffer Overflow
Indicators of Compromise
CVE
- CVE-2022-23187
- CVE-2022-24095
- CVE-2022-24096
- CVE-2022-24097
Affected Products
- Adobe Illustrator 2022 26.0.3
- Adobe After Effects 22.2
- Adobe After Effects 18.4.4
Remediation
Refer to Adobe Security Advisory for patch, upgrade or suggested workaround information.