Vulnerability Details CVE-2024-52990
Animate versions 23.0.8, 24.0.5 and earlier are affected by a Buffer Underwrite ('Buffer Underflow') vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to manipulate memory in such a way that they could execute code under the privileges of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.6%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2024-52990
-
cpe:2.3:a:adobe:animate:23.0.0
-
cpe:2.3:a:adobe:animate:23.0.1
-
cpe:2.3:a:adobe:animate:23.0.2
-
cpe:2.3:a:adobe:animate:23.0.4
-
cpe:2.3:a:adobe:animate:23.0.5
-
cpe:2.3:a:adobe:animate:23.0.6
-
cpe:2.3:a:adobe:animate:23.0.7
-
cpe:2.3:a:adobe:animate:23.0.8
-
cpe:2.3:a:adobe:animate:24.0.0
-
cpe:2.3:a:adobe:animate:24.0.1
-
cpe:2.3:a:adobe:animate:24.0.2
-
cpe:2.3:a:adobe:animate:24.0.3
-
cpe:2.3:a:adobe:animate:24.0.4
-
cpe:2.3:a:adobe:animate:24.0.5
-
cpe:2.3:o:apple:macos:-
-
cpe:2.3:o:microsoft:windows:-