CVE-2024-49554

Media Encoder versions 25.0, 24.6.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS v3.0 5.5 MEDIUM

5.5^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://helpx.adobe.com/security/products/media-encoder/apsb24-93.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:adobe:media_encoder::::::::
	cpe:2.3:a:adobe:media_encoder:25.0:::::::*

OR	cpe:2.3:o:apple:macos:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

History

18 Dec 2024, 14:44

Type	Values Removed	Values Added
First Time		Microsoft Adobe media Encoder Adobe Microsoft windows Apple macos Apple
References	~~() https://helpx.adobe.com/security/products/media-encoder/apsb24-93.html -~~	() https://helpx.adobe.com/security/products/media-encoder/apsb24-93.html - Vendor Advisory
CPE		cpe:2.3:o:microsoft:windows:-:::::::* cpe:2.3:a:adobe:media_encoder:25.0:::::::* cpe:2.3:a:adobe:media_encoder:::::::: cpe:2.3:o:apple:macos:-:::::::*

10 Dec 2024, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-12-10 20:15

Updated : 2024-12-18 14:44

NVD link : CVE-2024-49554

Mitre link : CVE-2024-49554

JSON object : View

Products Affected

microsoft

windows

apple

macos

adobe

media_encoder

CWE

CWE-476

NULL Pointer Dereference

5.5 /10