First published: Fri Mar 11 2022(Updated: )
Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe After Effects | >=18.0<18.4.5 | |
Adobe After Effects | >=22.0<22.2.1 | |
Apple macOS | ||
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-24096.
The severity of CVE-2022-24096 is critical, with a CVSS score of 7.8.
Adobe After Effects versions 18.4.4 (and earlier) and 22.2 (and earlier) are affected.
CVE-2022-24096 could result in arbitrary code execution in the context of the current user.
Exploitation of CVE-2022-24096 requires user interaction, where a victim must open a malicious file.