Adobe: >> Indesign >> 4.0.0 Security Vulnerabilities
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.
CVSS Score
7.8
EPSS Score
0.038
Published
2020-09-10
Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability. Successful exploitation could lead to arbitrary code execution. Fixed in versions 13.1.1 and 14.0.2.
CVSS Score
9.8
EPSS Score
0.064
Published
2019-05-23
Adobe InDesign versions 13.0 and below have an exploitable Untrusted Search Path vulnerability. Successful exploitation could lead to local privilege escalation.
CVSS Score
7.8
EPSS Score
0.017
Published
2018-05-19
Adobe InDesign versions 13.0 and below have an exploitable Memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVSS Score
7.8
EPSS Score
0.022
Published
2018-05-19
An issue was discovered in Adobe InDesign 12.1.0 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.108
Published
2017-12-09
Adobe InDesign version 11.4.1 and earlier, Adobe InDesign Server 11.0.0 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.097
Published
2016-12-15
Page 12