First published: Tue Nov 12 2024(Updated: )
Bridge versions 13.0.9, 14.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Any of | ||
Adobe Bridge CC | <=13.0.9 | |
Adobe Bridge CC | >=14.0.0<14.1.3 | |
Any of | ||
macOS | ||
Microsoft Windows Operating System |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-47458 is classified as a high severity vulnerability due to its potential to cause application denial-of-service.
To fix CVE-2024-47458, update Adobe Bridge to version 14.1.3 or later.
CVE-2024-47458 affects Adobe Bridge versions 13.0.9 and 14.1.2 and earlier.
Yes, CVE-2024-47458 can be exploited remotely by an attacker to crash the application.
If CVE-2024-47458 is exploited, it could lead to a denial of service condition, crashing the affected application.