Adobe Media Encoder
Monthly
Arbitrary code execution in Adobe Media Encoder arises from a stack-based buffer overflow (CWE-121) triggered when a victim opens a maliciously crafted media file, allowing an attacker to run code in the context of the current user. The CVSS 3.1 base score is 7.8 (local vector, user interaction required, no privileges needed). There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so risk is file-delivery-driven rather than remotely wormable.
Arbitrary code execution in Adobe Media Encoder is possible through an out-of-bounds write triggered when a victim opens a maliciously crafted media file, running attacker code in the context of the current user. The flaw was reported by Adobe and is addressed in advisory APSB26-72; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation hinges on user interaction (opening the file) and yields high impact to confidentiality, integrity, and availability.
Arbitrary code execution in Adobe Media Encoder is possible when a victim opens a maliciously crafted media file, triggering an out-of-bounds write (CWE-787) that runs attacker code in the context of the current user. The flaw is local and requires user interaction, so it is not remotely wormable, but successful exploitation grants full compromise of the user's session. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Adobe published advisory APSB26-72 addressing the issue.
Media Encoder is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Arbitrary code execution in Adobe Media Encoder arises from an out-of-bounds write (CWE-787) that lets a crafted media file corrupt memory and run attacker-controlled code in the context of the current user. Any user who opens a malicious file in the affected desktop application is at risk, with full loss of confidentiality, integrity, and availability on the host. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Arbitrary code execution in Adobe Media Encoder arises from a stack-based buffer overflow (CWE-121) triggered when a victim opens a maliciously crafted media file, allowing an attacker to run code in the context of the current user. The CVSS 3.1 base score is 7.8 (local vector, user interaction required, no privileges needed). There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so risk is file-delivery-driven rather than remotely wormable.
Arbitrary code execution in Adobe Media Encoder is possible through an out-of-bounds write triggered when a victim opens a maliciously crafted media file, running attacker code in the context of the current user. The flaw was reported by Adobe and is addressed in advisory APSB26-72; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation hinges on user interaction (opening the file) and yields high impact to confidentiality, integrity, and availability.
Arbitrary code execution in Adobe Media Encoder is possible when a victim opens a maliciously crafted media file, triggering an out-of-bounds write (CWE-787) that runs attacker code in the context of the current user. The flaw is local and requires user interaction, so it is not remotely wormable, but successful exploitation grants full compromise of the user's session. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Adobe published advisory APSB26-72 addressing the issue.
Media Encoder is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Arbitrary code execution in Adobe Media Encoder arises from an out-of-bounds write (CWE-787) that lets a crafted media file corrupt memory and run attacker-controlled code in the context of the current user. Any user who opens a malicious file in the affected desktop application is at risk, with full loss of confidentiality, integrity, and availability on the host. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.