PT-2022-5081 · Adobe · Bridge
Published
2022-09-13
·
Updated
2023-11-15
·
CVE-2022-35700
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Adobe Bridge versions 12.0.2 and earlier
Adobe Bridge versions 11.1.3 and earlier
Description
The issue is related to an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. This vulnerability is associated with the parsing of SVG files in Adobe Bridge and requires user interaction, where a victim must open a malicious file to exploit the issue.
Recommendations
For Adobe Bridge versions 12.0.2 and earlier, update to a version that fixes the out-of-bounds write vulnerability.
For Adobe Bridge versions 11.1.3 and earlier, update to a version that fixes the out-of-bounds write vulnerability.
As a temporary workaround, consider avoiding the use of Adobe Bridge to open files from untrusted sources until a patch is available.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bridge