CVE-2023-29283
First published: Thu May 11 2023(Updated: )
Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Substance 3D Painter | <=8.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-29283?
The severity of CVE-2023-29283 is rated as high with a score of 7.8.
What is the description of CVE-2023-29283?
CVE-2023-29283 is a Heap-based Buffer Overflow vulnerability in Adobe Substance 3D Painter versions 8.3.0 and earlier that could lead to arbitrary code execution with user interaction.
How does CVE-2023-29283 affect Adobe Substance 3D Painter?
CVE-2023-29283 affects Adobe Substance 3D Painter versions 8.3.0 and earlier by allowing arbitrary code execution in the context of the current user.
Is user interaction required to exploit CVE-2023-29283?
Yes, exploitation of CVE-2023-29283 requires user interaction as the victim must open a malicious file.
Where can I find more information about CVE-2023-29283?
For more information about CVE-2023-29283, you can refer to the Adobe Security bulletin APSB23-29.
- collector/nvd-index
- vendor/adobe
- product/substance 3d painter
- canonical/adobe substance 3d painter