Skip to main content

Incopy CVE-2025-47099

| EUVDEUVD-2025-20715 HIGH
Heap-based Buffer Overflow (CWE-122)
2025-07-08 psirt@adobe.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 16, 2026 - 04:21 euvd
EUVD-2025-20715
Analysis Generated
Mar 16, 2026 - 04:21 vuln.today
CVE Published
Jul 08, 2025 - 23:15 nvd
HIGH 7.8

DescriptionCVE.org

InCopy versions 20.3, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Analysis

InCopy versions 20.3, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Technical ContextAI

A buffer overflow occurs when data written to a buffer exceeds its allocated size, potentially overwriting adjacent memory and corrupting program state. This vulnerability is classified as Heap-based Buffer Overflow (CWE-122).

RemediationAI

Use memory-safe languages or bounds-checked functions. Enable ASLR, DEP/NX, and stack canaries. Apply vendor patches promptly.

More in Incopy

View all
CVE-2021-21090 HIGH
8.8 Jun 28

Adobe InCopy version 16.0 (and earlier) is affected by an path traversal vulnerability when parsing a crafted file. Rate

CVE-2025-21156 HIGH
7.8 Feb 11

InCopy versions 20.0, 19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that co

CVE-2025-47107 HIGH
7.8 Jun 10

Heap-based buffer overflow vulnerability in Adobe InCopy versions 20.2, 19.5.3 and earlier that allows arbitrary code ex

CVE-2025-30327 HIGH
7.8 Jun 10

CVE-2025-30327 is an integer overflow vulnerability in Adobe InCopy that enables arbitrary code execution with the privi

CVE-2025-47098 HIGH
7.8 Jul 08

InCopy versions 20.3, 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could res

CVE-2025-47097 HIGH
7.8 Jul 08

InCopy versions 20.3, 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that co

CVE-2026-21281 HIGH
7.8 Jan 13

Arbitrary code execution in Adobe InCopy versions 21.0, 19.5.5 and earlier through a heap-based buffer overflow when use

CVE-2026-34631 HIGH
7.8 Apr 14

Arbitrary code execution in Adobe InCopy 20.5.2, 21.2 and earlier allows unauthenticated local attackers to execute mali

CVE-2026-27287 HIGH
7.8 Apr 14

Out-of-bounds read in Adobe InCopy 20.5.2, 21.2 and earlier allows arbitrary code execution when users open malicious fi

CVE-2026-34707 HIGH
7.8 Jun 09

Arbitrary code execution in Adobe InCopy versions 21.3, 20.5.3 and earlier occurs when a user opens a maliciously crafte

CVE-2026-34706 HIGH
7.8 Jun 09

Arbitrary code execution in Adobe InCopy 21.3, 20.5.3, and earlier allows attackers to run code as the current user when

CVE-2026-34708 HIGH
7.8 Jun 09

Stack-based buffer overflow in Adobe InCopy 21.3, 20.5.3 and earlier enables arbitrary code execution in the context of

Share

CVE-2025-47099 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy