CVE-2023-38216
ZDI-CAN-21404: Adobe Bridge Font Parsing Use-After-Free Information Disclosure VulnerabilityAdobe Bridge versions 12.0.4 (and earlier) and 13.0.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
We have discovered 716 live websites that are affected by CVE-2023-38216.
Contact us to get more info
Affected Software
| |
---|
Product | Bridge |
Category | Wordpress Themes |
Vulnerable Versions | |
Total Vulnerable Versions | 102 |
Vulnerable Domains | 716 live websites (97.68% of Bridge install base) |
Common Weakness Enumeration
CWE-416 Use After Free
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2023-38216 and the relative popularity of websites