Access of Uninitialized Pointer
CVE-2023-26386
Summary
Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
- LOW
- LOCAL
- NONE
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- NONE
CWE-824 - Access of Uninitialized Pointer
The program accesses or uses a pointer that has not been initialized.
References
Advisory Timeline
- Published