CVE-2022-38444

Name of the Vulnerable Software and Affected Versions Adobe Dimension version 3.4.5

Description The issue is related to a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. This vulnerability is associated with the analysis of SKP files in Adobe Dimension. Exploitation of this issue requires user interaction, where a victim must open a malicious file, potentially allowing an attacker to execute arbitrary code using a specially crafted file.

Recommendations For Adobe Dimension version 3.4.5, update to a version that fixes this issue to prevent exploitation. As a temporary workaround, consider avoiding the use of SKP files in Adobe Dimension until a patch is available. Restrict access to untrusted files to minimize the risk of exploitation.