First published: Thu Sep 10 2020(Updated: )
Adobe FrameMaker version 2019.0.6 (and earlier versions) has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious FrameMaker file.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe Framemaker | <=2019.0.6 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-9726 is an out-of-bounds read vulnerability in Adobe FrameMaker version 2019.0.6 (and earlier versions).
CVE-2020-9726 could be exploited to read past the end of an allocated buffer in Adobe FrameMaker, potentially leading to a crash or disclosure of sensitive information.
The severity of CVE-2020-9726 is medium, with a CVSS score of 6.1.
The affected software of CVE-2020-9726 is Adobe FrameMaker version 2019.0.6 and earlier.
To mitigate CVE-2020-9726, update Adobe FrameMaker to a version that is not affected by the vulnerability.