Adobe After Effects version 18.4.1 (and earlier) is...
High severity
Unreviewed
Published
Nov 19, 2021
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Nov 18, 2021
Published to the GitHub Advisory Database
Nov 19, 2021
Last updated
Feb 1, 2023
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
References