6.8
CVSSv2

CVE-2020-3738

Published: 13/02/2020 Updated: 14/02/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Adobe Framemaker could allow a remote malicious user to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

Vulnerability Trend

Affected Products

Vendor Product Versions
AdobeFramemaker15.0.4

Vendor Advisories

Adobe has released a security update for Adobe Framemaker This update addresses multiple critical vulnerabilities Successful exploitation could lead to arbitrary code execution in the context of the current user ...

Recent Articles

Adobe Addresses Critical Flash, Framemaker Flaws
Threatpost • Lindsey O'Donnell • 11 Feb 2020

Adobe has released patches addressing a wave of critical flaws in its Framemaker and Flash Player products, which, if exploited, could lead to arbitrary code-execution.
Overall, Adobe stomped out flaws tied to 42 CVEs for its regularly scheduled February updates, with 35 of those flaws being critical in severity. That trumps Adobe’s January security update, which addressed nine vulnerabilities overall, including ones in Adobe Illustrator CC and Adobe Experience Manager.
Adobe Frame...