← Back

CVE-2024-53004

nvd nist
Published: Dec 10, 2024Modified: Dec 12, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: psirt@adobe.com (Secondary)

Description

Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected (1)

Adobe
1 product
Substance 3d Modeler
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Substance 3d Modeler
Up to 1.14.1

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (1)

Source: psirt@adobe.com
Vendor Advisory

Timeline

No history available yet.