CVE-2024-30276: Adobe Audition 2024 M2V File Parsing Memory corruption
First published: Thu Jun 13 2024(Updated: )
Audition versions 24.2, 23.6.4 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Audition | <=23.6.4 | |
| Adobe Audition | =24.0 | |
| Adobe Audition | =24.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-30276?
CVE-2024-30276 is classified as a high-severity vulnerability due to its potential to disclose sensitive memory.
How do I fix CVE-2024-30276?
To fix CVE-2024-30276, update Adobe Audition to version 24.2 or later as soon as possible.
What versions of Adobe Audition are affected by CVE-2024-30276?
CVE-2024-30276 affects Adobe Audition versions 24.1, 24.0, and 23.6.4 and earlier.
What kind of attacks can CVE-2024-30276 enable?
CVE-2024-30276 can enable attackers to bypass security mitigations like ASLR through sensitive memory disclosure.
Is user interaction required for CVE-2024-30276 exploitation?
Yes, exploitation of CVE-2024-30276 requires user interaction to trigger the vulnerability.
- agent/title
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- vendor/adobe
- canonical/adobe audition
- version/adobe audition/23.6.4
- version/adobe audition/24.0
- version/adobe audition/24.1