Rewterz Threat Advisory – Multiple Adobe Illustrator Vulnerabilities
December 18, 2023Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
December 18, 2023Rewterz Threat Advisory – Multiple Adobe Illustrator Vulnerabilities
December 18, 2023Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
December 18, 2023Severity
Medium
Analysis Summary
CVE-2023-47076 CVSS:5.5
Adobe InDesign is vulnerable to a denial of service, caused by a NULL pointer dereference. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-47077 CVSS:5.5
Adobe InDesign could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read error. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
Impact
- Denial of Service
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-47076
- CVE-2023-47077
Affected Vendors
Adobe
Affected Products
- Adobe InDesign ID17.4.2
- Adobe InDesign ID19.0
Remediation
Refer to Adobe Security Advisory for patch, upgrade or suggested workaround information.