CVE-2022-38407 InCopy versions 17.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could exploit this vulnerability to bypass ASLR.

In order to exploit this issue, the user must have a malformed file with an InCopy document open on the affected version of InCopy. The malicious file must also have a specially crafted markup. The following InCopy documents are considered to be vulnerable: InCopy version 17.3 (and earlier) and version 16.4.2 (and earlier). Adobe has confirmed this issue and released version 17.3.2 of InCopy to patch this issue. Users can update to the latest version by going to Help > Updates in InCopy.

How to check if you're vulnerable to CVE-2022-38407

To check if you are vulnerable to CVE-2022-38407, open the InCopy file containing the malicious markup. If the issue is found, a warning pops up.
If you do not see this warning, then you are not vulnerable to this issue and your computer is safe from this exploit.

How to check if you are affected by CVE-2022 -38407

You can check if your computer is affected by this issue by opening an InCopy document and checking the version of InCopy that was used to create it. The following InCopy documents are considered to be vulnerable: InCopy version 17.3 (and earlier) and 16.4.2 (and earlier). Adobe has confirmed this issue and released version 17.3.2 of InCopy to patch this issue. Users can update to the latest version by going to Help > Updates in InCopy.

InCopy Document Type Mismatch

An issue was discovered in InCopy documents, where a malformed file with an InCopy document open on the affected version of InCopy could be exploited to cause a heap-based buffer overflow. The following InCopy documents are considered to be vulnerable: InCopy version 17.3 (and earlier) and version 16.4.2 (and earlier).
The vulnerability is caused by a Document Type Mismatch error when processing malformed files that contain specially crafted markup for certain types of content.
Adobe has confirmed this issue and released patch 17.3.2 of InCopy to fix it, which will protect all affected versions of InCopy against this vulnerability.

How do I know if my InCopy installation is strong enough to prevent an attack?

If you have a newer version of InCopy installed, there is no risk of exploitation. Your installation will not be vulnerable if it is of the following versions or later: 17.3, 17.3.1, 17.3.2 and 16.4.2 (and later).

Timeline

Published on: 09/16/2022 18:15:00 UTC
Last modified on: 09/20/2022 18:07:00 UTC

References

• https://helpx.adobe.com/security/products/incopy/apsb22-53.html
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38407