Home

CVE-2022-30655

Description

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
11.43

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities fixed in Adobe InCopy 17.3Windows
Multiple vulnerabilities fixed in Adobe InCopy 16.4.2Windows
Multiple vulnerabilities are fixed in Adobe InCopy 17.3Windows
Multiple vulnerabilities are fixed in Adobe InCopy 16.4.2Windows
Multiple vulnerabilities are fixed in Adobe InCopy for Mac 16.4.2Mac
Multiple vulnerabilities are fixed in Adobe InCopy for Mac 17.3Mac

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234