CVE-2020-9748: Stack overflow vulnerability in Adobe Animate 20.5
First published: Wed Oct 21 2020(Updated: )
Adobe Animate version 20.5 (and earlier) is affected by a stack overflow vulnerability, which could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .fla file in Animate.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Animate | <=20.5 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for Adobe Animate?
The vulnerability ID for Adobe Animate is CVE-2020-9748.
What is the severity of CVE-2020-9748?
The severity of CVE-2020-9748 is critical (CVSS score 7.8).
What software versions are affected by CVE-2020-9748?
Adobe Animate version 20.5 and earlier are affected by CVE-2020-9748.
How does CVE-2020-9748 impact users?
CVE-2020-9748 could lead to arbitrary code execution in the context of the current user if a victim opens a crafted .fla file in Adobe Animate.
Where can I find more information about CVE-2020-9748?
You can find more information about CVE-2020-9748 on the Adobe Security Bulletin APSB20-61.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/title
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/tags
- vendor/adobe
- canonical/adobe animate
- version/adobe animate/20.5
- vendor/microsoft
- canonical/microsoft windows