CVE-2024-47425: Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191)
First published: Wed Oct 09 2024(Updated: )
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| Adobe FrameMaker | <2020.7 | |
| Adobe FrameMaker | >=2022<2022.5 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-47425?
CVE-2024-47425 has a high severity rating due to its potential for arbitrary code execution.
How do I fix CVE-2024-47425?
To fix CVE-2024-47425, upgrade to Adobe Framemaker version 2020.7 or 2022.5 or later.
What versions of Adobe Framemaker are affected by CVE-2024-47425?
Adobe Framemaker versions 2020.6, 2022.4, and earlier are affected by CVE-2024-47425.
What type of vulnerability is CVE-2024-47425?
CVE-2024-47425 is classified as an Integer Underflow vulnerability.
Does CVE-2024-47425 require user interaction to exploit?
Yes, exploitation of CVE-2024-47425 requires user interaction.
- agent/weakness
- agent/title
- agent/references
- agent/first-publish-date
- agent/type
- agent/description
- agent/author
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe framemaker
- version/adobe framemaker/2022
- vendor/microsoft
- canonical/microsoft windows