Vulnerability Description
Adobe InDesign versions 13.0 and below have an exploitable Memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Indesign | <= 13.0 |
| Apple | Mac Os X | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/103714Third Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/indesign/apsb18-11.htmlVendor Advisory
- http://www.securityfocus.com/bid/103714Third Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/indesign/apsb18-11.htmlVendor Advisory
FAQ
What is CVE-2018-4928?
CVE-2018-4928 is a vulnerability with a CVSS score of 7.8 (HIGH). Adobe InDesign versions 13.0 and below have an exploitable Memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
How severe is CVE-2018-4928?
CVE-2018-4928 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-4928?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Indesign, Apple Mac Os X, Microsoft Windows.