Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-30285— Adobe Audition 2024 MP4 File Parsing Null Pointer Dereference

CVSS 5.5 · Medium EPSS 0.18% · P39
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-30285

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Adobe Audition 2024 MP4 File Parsing Null Pointer Dereference
Source: NVD (National Vulnerability Database)
Vulnerability Description
Audition versions 24.2, 23.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service condition. An attacker could exploit this vulnerability to crash the application, leading to a denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
空指针解引用
Source: NVD (National Vulnerability Database)
Vulnerability Title
Adobe Audition 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Adobe Audition是美国奥多比(Adobe)公司的一套多音轨编辑工具。该产品主要使用包含多音轨、波形和光谱显示的完善工具集对音频内容进行混音、编辑和创建等。 Adobe Audition 存在代码问题漏洞,该漏洞源于受到空指针取消引用漏洞的影响,可能导致应用程序拒绝服务条件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
AdobeAudition 0 ~ 23.6.4 -

II. Public POCs for CVE-2024-30285

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-30285

登录查看更多情报信息。

Same Patch Batch · Adobe · 2024-06-13 · 165 CVEs total

CVE-2024-3029910.0 CRITICALTenable Vulnerability Disclosure | API Auth Bypass
CVE-2024-303009.8 CRITICALTenable Vulnerability Disclosure | Sensitive Information Disclosure Via Fake FMPS Worker
CVE-2024-341029.8 CRITICALXXE can expose crypt key and other secrets granting full admin access
CVE-2024-341089.1 CRITICALLarge attack surface through legit webhook usage in Adobe Commerce
CVE-2024-341048.2 HIGHAdobe Commerce | Improper Authorization (CWE-285)
CVE-2024-341038.1 HIGHCustomer account takeover via web API call & subsequent password reset
CVE-2024-341157.8 HIGHZDI-CAN-24054: Adobe Substance 3D Stager SKP File Parsing Out-Of-Bounds Write Remote Code
CVE-2024-207537.8 HIGHAdobe Photoshop PDF File Parsing Memory Corruption Remote Code Execution Vulnerability
CVE-2024-260297.5 HIGHAdobe Experience Manager | Improper Access Control (CWE-284)
CVE-2024-341297.5 HIGHAcrobat Android : OverSecured Finding : Overwriting arbitrary files via attacker-controlle
CVE-2024-341127.5 HIGHColdFusion CFDOCUMENT file retrieval / access control bypass
CVE-2024-341097.2 HIGHAdobe Commerce | Improper Input Validation (CWE-20)
CVE-2024-341107.2 HIGHRCE in the Adobe Commerce Webhook module through a legit webhook definition
CVE-2024-341167.1 HIGHAdobe Creative Cloud App Install Arbitrary Folder Delete Vulnerability can be abuse to Pri
CVE-2024-341116.5 MEDIUMSSRF in service connector
CVE-2024-341305.5 MEDIUMAcrobat Android : OverSecured Finding : Access to arbitrary* content providers via insecur
CVE-2024-302765.5 MEDIUMAdobe Audition 2024 M2V File Parsing Memory corruption
CVE-2024-341135.5 MEDIUMColdFusion | Weak Cryptography for Passwords (CWE-261)
CVE-2024-302785.5 MEDIUMAdobe Media Encoder 2024 TGA File parsing memory corruption
CVE-2024-260725.4 MEDIUMAdobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Showing top 20 of 165 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Audition
Same vendor: Adobe
Same weakness: CWE-476

V. Comments for CVE-2024-30285

No comments yet

Leave a comment