CVE-2024-52987: Animate | Integer Underflow (Wrap or Wraparound) (CWE-191)
First published: Tue Dec 10 2024(Updated: )
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| Adobe Animate | >=23.0.0<23.0.9 | |
| Adobe Animate | >=24.0.0<24.0.6 | |
| Any of | ||
| Apple macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-52987?
CVE-2024-52987 is rated as critical due to the potential for arbitrary code execution.
How do I fix CVE-2024-52987?
To mitigate CVE-2024-52987, update Adobe Animate to version 23.0.9 or 24.0.6 or later.
Who is affected by CVE-2024-52987?
Users of Adobe Animate versions 23.0.8, 24.0.5 or earlier are affected by CVE-2024-52987.
What type of vulnerability is CVE-2024-52987?
CVE-2024-52987 is an Integer Underflow vulnerability.
Is user interaction required to exploit CVE-2024-52987?
Yes, exploitation of CVE-2024-52987 requires user interaction.
- agent/weakness
- agent/references
- agent/title
- agent/description
- agent/first-publish-date
- agent/type
- agent/severity
- agent/author
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe animate
- version/adobe animate/23.0.0
- version/adobe animate/24.0.0
- vendor/apple
- canonical/apple macos
- vendor/microsoft
- canonical/microsoft windows