Fortinet Discovers Adobe After Effects Heap Corruption Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered a heap overflow vulnerability in Adobe After Effects.
After Effects is a video-editing application developed and published by Adobe Systems for macOS and Windows.
A heap overflow vulnerability has been discovered in After Effects by FortiGuard Labs. The vulnerability is caused by a crafted "AEPX" file which causes a heap overflow. It could allow malicious users to create code execution scenarios.
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:Adobe.After.Effects.CVE-2020-9637.Memory.Corruption
Released May 22, 2020
Users should apply the solution provided by Adobe.
Timeline
Fortinet reported the vulnerability to Adobe on April 01, 2020.
Adobe confirmed the vulnerability on May 21, 2020.
Adobe patched the vulnerability on June 16, 2020.