Adobe Bridge
Monthly
Arbitrary code execution in Adobe Bridge allows an attacker to run code in the context of the current user by tricking a victim into opening a maliciously crafted file that triggers an untrusted pointer dereference (CWE-822). The flaw is local and file-based, requiring user interaction; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation yields full impact on confidentiality, integrity, and availability limited to the privileges of the user running Bridge.
Arbitrary code execution in Adobe Bridge is possible through an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted file, running attacker code in the context of the current user. All versions covered by Adobe advisory APSB26-81 are affected, and while there is no public exploit identified at time of analysis, the local user-interaction attack pattern is consistent with weaponized document/asset lures. The CVSS 7.8 (High) rating reflects full confidentiality, integrity, and availability impact once a victim is socially engineered into opening the file.
Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file that triggers a heap-based buffer overflow (CWE-122), letting an attacker run code in the context of the current user. The flaw was reported by Adobe and disclosed in advisory APSB26-81; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation is file-borne and requires user interaction, so it is not remotely triggerable without a user opening attacker-supplied content.
Arbitrary code execution in Adobe Bridge results from an out-of-bounds write (CWE-787) that a victim triggers by opening a malicious file, running attacker-supplied code with the privileges of the current user. The flaw is local (AV:L) and requires user interaction, so it is a client-side, file-borne bug rather than a remotely reachable service vulnerability. No public exploit identified at time of analysis and it is not listed in CISA KEV; Adobe patched it in advisory APSB26-81.
Arbitrary code execution in Adobe Bridge arises from an integer overflow (CWE-190) triggered when a victim opens a maliciously crafted file, allowing an attacker to run code in the context of the current user. The flaw is local and requires user interaction, carrying a CVSS 7.8 (High) score. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file, triggering an out-of-bounds write (CWE-787) that executes attacker-controlled code in the context of the current user. The flaw affects Adobe Bridge as reported by Adobe (advisory APSB26-81) and is rated CVSS 7.8; no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation is local and hinges entirely on user interaction - the victim must open the malicious file.
Arbitrary code execution in Adobe Bridge allows an attacker to run code in the context of the current user by tricking a victim into opening a maliciously crafted file that triggers an untrusted pointer dereference (CWE-822). The flaw is local and file-based, requiring user interaction; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation yields full impact on confidentiality, integrity, and availability limited to the privileges of the user running Bridge.
Arbitrary code execution in Adobe Bridge is possible through an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted file, running attacker code in the context of the current user. All versions covered by Adobe advisory APSB26-81 are affected, and while there is no public exploit identified at time of analysis, the local user-interaction attack pattern is consistent with weaponized document/asset lures. The CVSS 7.8 (High) rating reflects full confidentiality, integrity, and availability impact once a victim is socially engineered into opening the file.
Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file that triggers a heap-based buffer overflow (CWE-122), letting an attacker run code in the context of the current user. The flaw was reported by Adobe and disclosed in advisory APSB26-81; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation is file-borne and requires user interaction, so it is not remotely triggerable without a user opening attacker-supplied content.
Arbitrary code execution in Adobe Bridge results from an out-of-bounds write (CWE-787) that a victim triggers by opening a malicious file, running attacker-supplied code with the privileges of the current user. The flaw is local (AV:L) and requires user interaction, so it is a client-side, file-borne bug rather than a remotely reachable service vulnerability. No public exploit identified at time of analysis and it is not listed in CISA KEV; Adobe patched it in advisory APSB26-81.
Arbitrary code execution in Adobe Bridge arises from an integer overflow (CWE-190) triggered when a victim opens a maliciously crafted file, allowing an attacker to run code in the context of the current user. The flaw is local and requires user interaction, carrying a CVSS 7.8 (High) score. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file, triggering an out-of-bounds write (CWE-787) that executes attacker-controlled code in the context of the current user. The flaw affects Adobe Bridge as reported by Adobe (advisory APSB26-81) and is rated CVSS 7.8; no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation is local and hinges entirely on user interaction - the victim must open the malicious file.