CVE-2024-45137

HIGH Year: 2024
CVSS v3 Score
7.8
High
Weakness Type
CWE-434
View all →

Vulnerability Description

InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by uploading a malicious file which, when executed, could run arbitrary code in the context of the server. Exploitation of this issue requires user interaction.

Related Vulnerabilities

CVE-2010-4661

HIGH
CVSS:7.8(High)

udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.

CWE-4342010

CVE-2015-0796

HIGH
CVSS:7.8(High)

In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow bui...

CWE-4342015

CVE-2015-1000013

HIGH
CVSS:7.8(High)

Remote file upload vulnerability in wordpress plugin csv2wpec-coupon v1.1

CWE-4342015

CVE-2015-7571

HIGH
CVSS:7.8(High)

Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.

CWE-4342015

CVE-2017-13156

HIGH
CVSS:7.8(High)

An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847.

CWE-4342017

CVE-2017-2699

HIGH
CVSS:7.8(High)

The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could ...

CWE-4342017