CVE-2023-25883 — Vulnetix

CVE-2023-25883 PUBLISHED CVSS 7.800000190734863 HIGH

Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

EPSS 0.10% · 27.9th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.10%

27.9th percentile

Affected Products

Vendor	Product	Versions
adobe	dimension	0
Adobe	Dimension	unspecified, *

Timeline

Mar 7, 2023 PoC Published
Mar 28, 2023 CVE Published
Mar 29, 2023 EPSS Score
May 6, 2023 EPSS Score
Jun 13, 2023 EPSS Score
Jul 21, 2023 EPSS Score
Aug 29, 2023 EPSS Score
Oct 6, 2023 EPSS Score
Nov 13, 2023 EPSS Score
Dec 21, 2023 EPSS Score
Mar 1, 2024 PoC Published
Mar 6, 2024 EPSS Score

References

https://helpx.adobe.com/security/products/dimension/apsb23-20.html url
https://nvd.nist.gov/vuln/detail/CVE-2023-25883 advisory

Open in Interactive Console →