Fortinet Discovers Adobe Animate Memory Corruption Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Adobe Animate.
Adobe Animate is a multimedia authoring and computer animation program. It is used to design vector graphics and animation for television programs, online video, websites, web applications, rich internet applications, and video games.
A memory corruption vulnerability has been discovered in Adobe Animate by FortiGuard Labs. The vulnerability exists because the vulnerable software can't correctly parse a crafted FLA file which causes an out-of-bounds memory access. It could allow malicious users to create code execution scenarios.
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:Adobe.Animate.CVE-2020-9747.Memory.Corruption
Released Sep 22, 2020
Use the solution provided by Adobe.
Timeline
Fortinet reported the vulnerability to Adobe on July 15, 2020.
Adobe confirmed the vulnerability on September 22, 2020.
Adobe patched the vulnerability on October 20, 2020.