vulnerability

Adobe FrameMaker: CVE-2020-9725: Stack-based Buffer Overflow

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Sep 10, 2020	Feb 20, 2025	Nov 27, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Sep 10, 2020

Added

Feb 20, 2025

Modified

Nov 27, 2025

Description

Adobe FrameMaker version 2019.0.6 (and earlier versions) lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. This could be exploited to execute arbitrary code with the privileges of the current user. User interaction is required to exploit this vulnerability in that the target must open a malicious FrameMaker file.

Solution

adobe-framemaker-upgrade-to-latest

References

CVE-2020-9725
https://attackerkb.com/topics/CVE-2020-9725
URL-https://helpx.adobe.com/uk/security/products/framemaker/apsb20-54.html
CWE-121
CWE-787

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today