First published: Fri Jan 13 2023(Updated: )
Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe Incopy | >=17.0<=17.4 | |
Adobe Incopy | =18.0 | |
Apple macOS | ||
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Adobe InCopy vulnerability is CVE-2023-21598.
The severity of CVE-2023-21598 is medium (5.5).
The affected software for CVE-2023-21598 is Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier).
CVE-2023-21598 has the potential to lead to disclosure of sensitive memory and bypass mitigations such as ASLR.
Exploitation of CVE-2023-21598 requires user interaction.