- Description
- InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
- Source
- psirt@adobe.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- psirt@adobe.com
- CWE-125
- Hype score
- Not currently trending
🟠 #Adobe InDesign, Out-of-Bounds Read, #CVE-2025-47104 (Medium) https://t.co/Sa2AcVBv6A
@dailycve
16 Jun 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-47104 InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attac… https://t.co/felzj8zBdM
@CVEnew
10 Jun 2025
165 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "73E99D86-EF86-4749-A99E-70885AF4F04F",
"versionEndExcluding": "19.5.4"
},
{
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40154FD6-2FFA-43E8-BE76-F1A907691FA7",
"versionEndExcluding": "20.3",
"versionStartIncluding": "20.0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]