ГлавнаяУязвимости → CVE-2024-41865
7.8высокая

CVE-2024-41865

Описание

Dimension versions 3.4.11 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious file into the search path, which the application might execute instead of the legitimate file. This could occur if the application uses a search path to locate executables or libraries. Exploitation of this issue requires user interaction.

Затрагиваемое ПО
Adobe Dimension
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://helpx.adobe.com/security/products/dimension/apsb24-47.html