Skip to main content

Incopy CVE-2025-47107

| EUVDEUVD-2025-17811 HIGH
Heap-based Buffer Overflow (CWE-122)
2025-06-10 psirt@adobe.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 14, 2026 - 19:49 euvd
EUVD-2025-17811
Analysis Generated
Mar 14, 2026 - 19:49 vuln.today
CVE Published
Jun 10, 2025 - 19:15 nvd
HIGH 7.8

DescriptionCVE.org

InCopy versions 20.2, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

AnalysisAI

Heap-based buffer overflow vulnerability in Adobe InCopy versions 20.2, 19.5.3 and earlier that allows arbitrary code execution with the privileges of the current user. The vulnerability requires user interaction (opening a malicious file) and presents a high-severity risk due to its direct code execution capability; exploitation likelihood and real-world attack status cannot be fully assessed without KEV confirmation or public POC availability.

Technical ContextAI

The vulnerability exists as a CWE-122 (Heap-based Buffer Overflow) in Adobe InCopy, a professional writing and editing component of the Creative Cloud suite. Heap-based buffer overflows occur when data written to a heap buffer exceeds its allocated size, corrupting adjacent heap metadata and potentially allowing attackers to overwrite function pointers, virtual method tables, or other critical data structures. The affected CPE likely corresponds to cpe:2.3:a:adobe:incopy:* with version constraints <=20.2 and <=19.5.3 (legacy branch). InCopy's file parsing routines (likely handling native .icml or linked document formats) fail to perform adequate bounds checking during buffer operations, enabling an attacker to craft a malicious document that triggers the overflow when processed.

RemediationAI

  • action: Apply vendor patch; details: Update Adobe InCopy to a patched version released after CVE-2025-47107 disclosure. Check Adobe's official security bulletin for specific build numbers. Versions >20.2 and >19.5.3 (if still supported) should resolve the heap buffer overflow.
  • action: Restrict document sources; details: Implement organizational policy to open InCopy documents (.icml, linked files) only from trusted sources until patching is complete. Use file isolation tools or sandboxed environments for document preview/review from untrusted senders.
  • action: Monitor for exploitation indicators; details: Analyze system logs for unexpected process spawning from InCopy, unusual memory access patterns, or application crashes. Endpoint Detection and Response (EDR) tools should flag heap exploitation techniques.
  • action: Vendor advisory reference; details: Consult Adobe Security Advisory (APSB-2025-XX or equivalent) for definitive patch versions, timeline, and workaround specifics. Adobe typically publishes patches on Patch Tuesday or ad-hoc for critical vulnerabilities.

More in Incopy

View all
CVE-2021-21090 HIGH
8.8 Jun 28

Adobe InCopy version 16.0 (and earlier) is affected by an path traversal vulnerability when parsing a crafted file. Rate

CVE-2025-21156 HIGH
7.8 Feb 11

InCopy versions 20.0, 19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that co

CVE-2025-30327 HIGH
7.8 Jun 10

CVE-2025-30327 is an integer overflow vulnerability in Adobe InCopy that enables arbitrary code execution with the privi

CVE-2025-47099 HIGH
7.8 Jul 08

InCopy versions 20.3, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in

CVE-2025-47098 HIGH
7.8 Jul 08

InCopy versions 20.3, 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could res

CVE-2025-47097 HIGH
7.8 Jul 08

InCopy versions 20.3, 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that co

CVE-2026-21281 HIGH
7.8 Jan 13

Arbitrary code execution in Adobe InCopy versions 21.0, 19.5.5 and earlier through a heap-based buffer overflow when use

CVE-2026-34631 HIGH
7.8 Apr 14

Arbitrary code execution in Adobe InCopy 20.5.2, 21.2 and earlier allows unauthenticated local attackers to execute mali

CVE-2026-27287 HIGH
7.8 Apr 14

Out-of-bounds read in Adobe InCopy 20.5.2, 21.2 and earlier allows arbitrary code execution when users open malicious fi

CVE-2026-34707 HIGH
7.8 Jun 09

Arbitrary code execution in Adobe InCopy versions 21.3, 20.5.3 and earlier occurs when a user opens a maliciously crafte

CVE-2026-34706 HIGH
7.8 Jun 09

Arbitrary code execution in Adobe InCopy 21.3, 20.5.3, and earlier allows attackers to run code as the current user when

CVE-2026-34708 HIGH
7.8 Jun 09

Stack-based buffer overflow in Adobe InCopy 21.3, 20.5.3 and earlier enables arbitrary code execution in the context of

Share

CVE-2025-47107 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy