Vulnerabilities > CVE-2024-30285 - NULL Pointer Dereference vulnerability in Adobe Audition

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

adobe

CWE-476

NVD

Published: 2024-06-13

Updated: 2024-07-09

Summary

Audition versions 24.2, 23.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service condition. An attacker could exploit this vulnerability to crash the application, leading to a denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Audition 24.0 Adobe Audition 24.1 Adobe Audition - Adobe Audition 13.0.5 Adobe Audition 13.0.6 Adobe Audition 14.4 Adobe Audition 22.0 Adobe Audition 23.6.4	8

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://helpx.adobe.com/security/products/audition/apsb24-32.html