CVE-2024-41858

Name of the Vulnerable Software and Affected Versions InCopy versions 19.4 and earlier InCopy version 18.5.2

Description The issue is an Integer Overflow or Wraparound that could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction, where a victim must open a malicious file.

Recommendations For InCopy version 18.5.2, update to a version later than 18.5.2 to resolve the issue. For InCopy versions prior to 19.4, update to a version later than 19.4 to resolve the issue. As a temporary workaround, consider avoiding the opening of files from untrusted sources until a patch is available.