20.5

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

adobe

CWE-415

NVD

Published: 2020-10-21

Updated: 2020-10-23

Summary

Adobe Animate version 20.5 (and earlier) is affected by a double free vulnerability when parsing a crafted .fla file, which could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Animate 15.2.1.95 Adobe Animate 20.5	2
OS	Microsoft Microsoft Windows -	1

Common Weakness Enumeration (CWE)

CWE-415 - Double Free

References

https://helpx.adobe.com/security/products/animate/apsb20-61.html