Audition
Monthly
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted media/project file, allowing an attacker to run code in the context of the current user. The flaw is Adobe-reported (advisory APSB26-71) and carries a CVSS 7.8 (High) rating; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because exploitation is local and requires user interaction, weaponization depends on social engineering rather than remote automated attack.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted media/project file, letting an attacker run code with the privileges of the current user. The CVSS 3.1 base score is 7.8 (local vector, requires user interaction), and no public exploit has been identified at time of analysis. Reported by Adobe via advisory APSB26-71.
Audition is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (memory corruption) that runs in the context of the current user when a victim opens a maliciously crafted media/project file. All affected versions covered by Adobe advisory APSB26-71 are impacted, and while no public exploit has been identified at time of analysis, the local attack vector with required user interaction makes it a classic file-format weaponization risk. The CVSS 7.8 (High) reflects full confidentiality, integrity, and availability impact once the file is opened.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted media/project file, letting an attacker run code in the context of the current user. The flaw was reported by Adobe and is documented in advisory APSB26-71; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because exploitation is local and requires user interaction, it is a file-format/client-side memory-corruption issue rather than a remotely-triggerable server flaw.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a user opens a maliciously crafted media/project file, letting an attacker run code with the privileges of the current user. Affects Adobe Audition and was reported by Adobe under advisory APSB26-71. No public exploit identified at time of analysis, and it is not listed in CISA KEV; EPSS not provided.
Adobe Audition versions 25.3 and earlier contain an out-of-bounds read vulnerability that exposes sensitive data from application memory when a user opens a crafted file. This local attack requires user interaction but carries no patch availability, leaving affected users vulnerable to information disclosure. The vulnerability affects confidentiality with medium severity (CVSS 5.5) and currently has no evidence of active exploitation.
Adobe Audition 25.3 and earlier contains a buffer over-read vulnerability that allows local attackers to crash the application by tricking users into opening specially crafted files. Exploitation requires user interaction but requires no elevated privileges, making it accessible to any local attacker who can deliver a malicious file. While no patch is currently available, the impact is limited to denial-of-service conditions.
Memory disclosure in Adobe Audition 25.3 and earlier through an out-of-bounds read vulnerability allows attackers to access sensitive information from process memory when a user opens a specially crafted file. Exploitation requires user interaction and does not enable code execution or system availability impact. No patch is currently available for this vulnerability.
Memory disclosure in Adobe Audition 25.3 and earlier stems from an out-of-bounds read flaw that could expose sensitive data from process memory. An attacker must trick a user into opening a specially crafted file to trigger the vulnerability, which requires no elevated privileges but offers no path to code execution or system availability impact.
Out-of-bounds memory read in Adobe Audition 25.3 and earlier enables attackers to extract sensitive data from process memory when a user opens a specially crafted file. No patch is currently available for this vulnerability, which requires user interaction to trigger but poses a confirmed risk to confidentiality. Local attackers can exploit this to disclose information without requiring elevated privileges or additional user actions beyond opening the malicious file.
Arbitrary code execution in Adobe Audition 25.3 and earlier through a local out-of-bounds write vulnerability that requires victims to open a specially crafted file. The vulnerability impacts all users running affected versions and allows attackers to execute code with the privileges of the current user. No patch is currently available.
Audition versions 25.2, 24.6.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could result in application denial-of-service. An attacker could leverage this vulnerability to crash the application or disrupt its functionality. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Audition versions 24.2, 23.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service condition. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Audition versions 24.2, 23.6.4 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Audition versions 24.0.3, 23.6.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.
Adobe Audition version 14.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.
Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Adobe Audition versions 13.0.5 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted media/project file, allowing an attacker to run code in the context of the current user. The flaw is Adobe-reported (advisory APSB26-71) and carries a CVSS 7.8 (High) rating; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because exploitation is local and requires user interaction, weaponization depends on social engineering rather than remote automated attack.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted media/project file, letting an attacker run code with the privileges of the current user. The CVSS 3.1 base score is 7.8 (local vector, requires user interaction), and no public exploit has been identified at time of analysis. Reported by Adobe via advisory APSB26-71.
Audition is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (memory corruption) that runs in the context of the current user when a victim opens a maliciously crafted media/project file. All affected versions covered by Adobe advisory APSB26-71 are impacted, and while no public exploit has been identified at time of analysis, the local attack vector with required user interaction makes it a classic file-format weaponization risk. The CVSS 7.8 (High) reflects full confidentiality, integrity, and availability impact once the file is opened.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted media/project file, letting an attacker run code in the context of the current user. The flaw was reported by Adobe and is documented in advisory APSB26-71; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because exploitation is local and requires user interaction, it is a file-format/client-side memory-corruption issue rather than a remotely-triggerable server flaw.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a user opens a maliciously crafted media/project file, letting an attacker run code with the privileges of the current user. Affects Adobe Audition and was reported by Adobe under advisory APSB26-71. No public exploit identified at time of analysis, and it is not listed in CISA KEV; EPSS not provided.
Adobe Audition versions 25.3 and earlier contain an out-of-bounds read vulnerability that exposes sensitive data from application memory when a user opens a crafted file. This local attack requires user interaction but carries no patch availability, leaving affected users vulnerable to information disclosure. The vulnerability affects confidentiality with medium severity (CVSS 5.5) and currently has no evidence of active exploitation.
Adobe Audition 25.3 and earlier contains a buffer over-read vulnerability that allows local attackers to crash the application by tricking users into opening specially crafted files. Exploitation requires user interaction but requires no elevated privileges, making it accessible to any local attacker who can deliver a malicious file. While no patch is currently available, the impact is limited to denial-of-service conditions.
Memory disclosure in Adobe Audition 25.3 and earlier through an out-of-bounds read vulnerability allows attackers to access sensitive information from process memory when a user opens a specially crafted file. Exploitation requires user interaction and does not enable code execution or system availability impact. No patch is currently available for this vulnerability.
Memory disclosure in Adobe Audition 25.3 and earlier stems from an out-of-bounds read flaw that could expose sensitive data from process memory. An attacker must trick a user into opening a specially crafted file to trigger the vulnerability, which requires no elevated privileges but offers no path to code execution or system availability impact.
Out-of-bounds memory read in Adobe Audition 25.3 and earlier enables attackers to extract sensitive data from process memory when a user opens a specially crafted file. No patch is currently available for this vulnerability, which requires user interaction to trigger but poses a confirmed risk to confidentiality. Local attackers can exploit this to disclose information without requiring elevated privileges or additional user actions beyond opening the malicious file.
Arbitrary code execution in Adobe Audition 25.3 and earlier through a local out-of-bounds write vulnerability that requires victims to open a specially crafted file. The vulnerability impacts all users running affected versions and allows attackers to execute code with the privileges of the current user. No patch is currently available.
Audition versions 25.2, 24.6.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could result in application denial-of-service. An attacker could leverage this vulnerability to crash the application or disrupt its functionality. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Audition versions 24.2, 23.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service condition. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Audition versions 24.2, 23.6.4 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Audition versions 24.0.3, 23.6.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.
Adobe Audition version 14.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.
Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Adobe Audition versions 13.0.5 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.