CVE-2023-22239

After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

24 Feb 2023, 23:52

Type Values Removed Values Added
CPE cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
References (MISC) https://helpx.adobe.com/security/products/after_effects/apsb23-02.html - (MISC) https://helpx.adobe.com/security/products/after_effects/apsb23-02.html - Vendor Advisory
First Time Microsoft windows
Microsoft
Adobe
Adobe after Effects
Apple macos
Apple

17 Feb 2023, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-02-17 22:15

Updated : 2023-12-10 14:48


NVD link : CVE-2023-22239

Mitre link : CVE-2023-22239

CVE.ORG link : CVE-2023-22239


JSON object : View

Products Affected

microsoft

  • windows

apple

  • macos

adobe

  • after_effects
CWE
CWE-20

Improper Input Validation