Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SGI file in the DoReadContinue function, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.
Name | Vendor | Start Version | End Version |
---|---|---|---|
After_effects | Adobe | * | 18.4.1 (including) |