Skip to main content

Media Encoder CVE-2020-9649

MEDIUM
Out-of-bounds Read (CWE-125)
2020-07-17 psirt@adobe.com
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jul 17, 2020 - 00:15 nvd
MEDIUM 5.5

DescriptionNVD

Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

AnalysisAI

Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Affected products include: Adobe Media Encoder.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.

CVE-2019-8246 CRITICAL
9.8 Nov 14

Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Rated critical severity (CVSS 9

CVE-2019-7842 HIGH
8.8 May 22

Adobe Media Encoder version 13.0.2 has a use-after-free vulnerability. Rated high severity (CVSS 8.8), this vulnerabilit

CVE-2025-27195 HIGH
7.8 Apr 08

Media Encoder versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could re

CVE-2025-27194 HIGH
7.8 Apr 08

Media Encoder versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result i

CVE-2026-34640 HIGH
7.8 May 12

Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that c

CVE-2026-34639 HIGH
7.8 May 12

Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result

CVE-2024-49553 HIGH
7.8 Dec 10

Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out-of-bounds write vulnerability that could result i

CVE-2024-49552 HIGH
7.8 Dec 10

Media Encoder versions 25.0, 24.6.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could re

CVE-2024-49551 HIGH
7.8 Dec 10

Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out-of-bounds write vulnerability that could result i

CVE-2024-39377 HIGH
7.8 Sep 13

Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result i

CVE-2024-20772 HIGH
7.8 Apr 10

Media Encoder versions 24.2.1, 23.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could

CVE-2023-47043 HIGH
7.8 Nov 16

Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerabil

Share

CVE-2020-9649 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy